WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Other Vulnerability (CVE-2005-3054)

Description

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.

Remediation

References

Related Vulnerabilities

WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

WordPress Plugin ARS Reg Secure Cross-Site Scripting (1.1)

MySQL CVE-2016-3459 Vulnerability (CVE-2016-3459)

WordPress Plugin WP Advanced Importer Cross-Site Scripting (2.1.1)

Joomla Improper Input Validation Vulnerability (CVE-2018-11321)

Severity

Low

Classification

CVE-2005-3054

Tags

Missing Update Known Vulnerabilities