Description

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Remediation

References

CVE-2002-0229

Related Vulnerabilities

XWiki CVE-2023-40573 Vulnerability (CVE-2023-40573)

SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2022-22005)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Arbitrary File Upload (3.4.4)

OpenSSL Key Management Errors Vulnerability (CVE-2016-7055)

TYPO3 Other Vulnerability (CVE-2009-3630)

Severity

High

Classification

CVE-2002-0229

Tags

Missing Update Known Vulnerabilities