CVE-2002-0215
CVE-2002-0215 is a medium-severity vulnerability in Steve Kneizys Agora.cgi with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 7% (94th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Steve Kneizys Agora.cgi
- Published:
- Last modified:
Description
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
Frequently asked questions
- What is CVE-2002-0215?
- Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
- How severe is CVE-2002-0215?
- CVE-2002-0215 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2002-0215 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 7% (94th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2002-0215?
- CVE-2002-0215 primarily affects Steve Kneizys Agora.cgi. In total, 33 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2002-0215?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2002-0215 published?
- CVE-2002-0215 was published on 2002-05-16 and last updated on 2026-06-16.
References
- http://online.securityfocus.com/archive/1/252761
- http://www.iss.net/security_center/static/8011.php
- http://www.securityfocus.com/bid/3976
Affected products (33)
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2a:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2b:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2c:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2d:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2e:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2f:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2g:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2h:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2i:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2j:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2ja:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2k:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2l:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2m:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2n:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2p:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2q:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.2r:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3a:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3b:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3c:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3d:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3e:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3f:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3i:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:3.3j:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0a:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0b:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0c:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0d:*:*:*:*:*:*:*
- cpe:2.3:a:steve_kneizys:agora.cgi:4.0e:*:*:*:*:*:*:*
More vulnerabilities in Steve Kneizys Agora.cgi
- CVE-2001-1199 — High (CVSS 7.5): Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote…