Description

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.

Remediation

References

CVE-2001-1385

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2002-0071)

Django CVE-2014-1418 Vulnerability (CVE-2014-1418)

WordPress Plugin WP Mailster Cross-Site Scripting (1.5.4.0)

MySQL CVE-2025-50100 Vulnerability (CVE-2025-50100)

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)

Severity

Medium

Classification

CVE-2001-1385

Tags

Missing Update Known Vulnerabilities