VDB

GCVE-110-MAGEIA-2018-474

GCVE-110-MAGEIA-2018-474
Advisory Published
Vulnetix · Advisory published December 2, 2018
A flaw was found in mod_perl 2.0 through 2.0.10 which allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes (CVE-2011-2767).

Affected Products

VendorProductVersionsPlatforms
Mageiaapache-mod_perl0 (affected), 2.0.10-1.1.mga6 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›