CVE-2002-1149

high

Description

The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.

References

http://www.securityfocus.com/bid/5789

http://www.osvdb.org/3356

http://www.iss.net/security_center/static/10178.php

http://marc.info/?l=bugtraq&m=103290602609197&w=2

Details

Source: Mitre, NVD

Published: 2002-10-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00837