Description

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Remediation

References

CVE-2002-0229

Related Vulnerabilities

WordPress Plugin Link Juice Keeper Cross-Site Scripting (2.0.2)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.5)

SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0465)

WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.8)

WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.6.2)

Severity

High

Classification

CVE-2002-0229

Tags

Missing Update Known Vulnerabilities