Description
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
Remediation
References
Related Vulnerabilities
Joomla! Core Cross-Site Scripting (1.5.0 - 3.7.3)
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (2.5.2.1)
WordPress Plugin Brizy-Page Builder Security Bypass (1.0.113)
Liferay DXP Other Vulnerability (CVE-2023-33946)
Squid NULL Pointer Dereference Vulnerability (CVE-2023-46728)