CVE-2002-0614

high

Description

PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.

References

http://www.securityfocus.com/bid/4612

http://www.iss.net/security_center/static/8950.php

http://archives.neohapsis.com/archives/bugtraq/2002-04/0383.html

Details

Source: Mitre, NVD

Published: 2002-06-18

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00635