Vulnerability Database

300,444

Total vulnerabilities in the database

CVE-2002-0121

PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.

  • Published: Mar 25, 2002
  • Updated: Nov 9, 2025
  • CVE: CVE-2002-0121
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.1.0 4.1.0.x
php / php 4.0.4 4.0.4.x
php / php 4.0.5 4.0.5.x
php / php 4.0.6 4.0.6.x
php / php 4.1.2 4.1.2.x