Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-2024

EPSS 0.39% · P60
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-2024

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Horde IMP 2.2.7存在路径泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IMP是一款基于Web的强大的邮件程序,它由Horde项目组开发。可使用在Linux/Unix或者Microsoft Windows操作系统下。 Horde IMP在部分脚本代码处理中存在漏洞,可导致Web路径信息泄露。 Horde IMP中的poppassd.php3、login.php3、spelling.php3、ldap.search.php3?ldap_serv=nonsense脚本代码处理存在问题,请求这些脚本会返回包含Web路径的错误信息。 通过获得这些信息,攻击者可以对系统进行进一步的深入
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2002-2024

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2002-2024

Please Login to view more intelligence information

Same Patch Batch · n/a · 2005-07-14 · 176 CVEs total

CVE-2002-2032PHP-Nuke SQL_Debug调试信息泄露漏洞
CVE-2002-2021Burning Board跨站脚本执行漏洞
CVE-2002-2022Kaffe OpenVM NoClassDefFoundError格式字符串漏洞
CVE-2002-2023Shingo beep2任意文件读取漏洞
CVE-2002-2025Lotus Domino MS-DOS设备文件名拒绝服务攻击漏洞
CVE-2002-2026BrowseFTP Client缓冲区溢出漏洞
CVE-2002-2027Database of our owlish Wisdom 安全漏洞
CVE-2002-2028微软Windows NT不准确的登录日志漏洞
CVE-2002-2029Apache Win32 PHP.EXE远程文件泄露漏洞
CVE-2002-2030SQLData Enterprise Server缓冲区溢出漏洞
CVE-2002-2031Microsoft Internet Explorer 安全漏洞
CVE-2002-2037Solaris漏洞威胁Cisco Media Gateway Controller的安全
CVE-2002-2042QNX 'ptrace()'任意进程修改漏洞
CVE-2002-2041QNX RTOS PKG-Installer缓冲区溢出漏洞
CVE-2002-2040QNX RTOS phgrafx特权提升漏洞
CVE-2002-2039QNX RTOS su密码哈希泄露漏洞
CVE-2002-2038新一代的POSIX线程共享内存服务拒绝漏洞
CVE-2002-2035RealityScape MyLoginSQL注入漏洞
CVE-2002-2033Faqmanager.cgi NULL字符泄露任意文件漏洞
CVE-2002-2034John Hardin Procmail Email Sanitizer分段Mime识别漏洞

Showing top 20 of 176 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2002-2024

No comments yet

Leave a comment