CVE-2002-0734
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-0734
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
B2 B2config.php远程命令执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
B2是一款新闻/WEB记录工具,由PHP编写,允许管理员快速在Frontpage中张贴新闻,并允许浏览者交互,可使用于Linux和Unix操作系统下。 B2中B2config.php脚本在处理引用变量上存在问题,可导致远程攻击者以B2进程的权限在目标系统上执行任意命令。 在PHP脚本引用的变量实际不存在,因此,攻击者可以自己定义变量值,通过在自己控制的服务器上建立PHP脚本并嵌入相关命令,攻击者可以引用这个远程文件,导致攻击者以B2权限在目标服务器上执行任意命令。 问题存在于/b2-include/b2e
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-0734
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-0734
Please Login to view more intelligence information
- http://cafelog.com/x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2002-0734
Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total
| CVE-2002-0718 | Microsoft Content Management Server 2001文件上传漏洞(MS02-041) | |
| CVE-2002-0741 | PsyBNC超长密码导致拒绝服务漏洞 | |
| CVE-2002-0738 | MHonArc HTML脚本过滤可绕过漏洞 | |
| CVE-2002-0737 | Sambar WEB服务程序服务端文件解析可绕过漏洞 | |
| CVE-2002-0736 | Microsoft BackOffice授权问题漏洞 | |
| CVE-2002-0733 | ACME Labs thttpd跨站脚本执行漏洞 | |
| CVE-2002-0727 | Microsoft OWC可导致Active脚本执行漏洞 | |
| CVE-2002-0726 | Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046) | |
| CVE-2002-0722 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-2002-0720 | Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042) | |
| CVE-2002-0719 | Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041) | |
| CVE-2002-0703 | Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞 | |
| CVE-2002-0695 | Microsoft Data Access Components T-SQL OpenRowSet远程缓冲区溢出漏洞(MS02-040) | |
| CVE-2002-0697 | Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036) | |
| CVE-2002-0698 | Microsoft Exchange Server 缓冲区错误漏洞 | |
| CVE-2002-0700 | Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041) | |
| CVE-2002-0701 | 多个供应商进BSD KTrace SUID/SGID进程追踪漏洞 | |
| CVE-2002-0710 | Rod Clark sendform.cgi远程可获得任意文件漏洞 | |
| CVE-2002-0716 | OpenServer定时服务格式字符串漏洞 | |
| CVE-2002-0714 | Squid FTP代理数据通道漏洞 |
Showing top 20 of 350 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2002-0734
No comments yet