Description
Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Event List SQL Injection (0.7.8)
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.19)
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)
WebLogic CVE-2019-2824 Vulnerability (CVE-2019-2824)
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-21140)