Description
The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled.
Remediation
References
Related Vulnerabilities
WordPress Plugin Twenty20 Image Before-After Malicious Code (1.6.3)
WordPress 4.5.x Cross-Site Request Forgery (4.5 - 4.5.16)
Joomla Improper Input Validation Vulnerability (CVE-2006-4468)
Internet Information Services Configuration Vulnerability (CVE-2003-1566)
Ruby on Rails Improper Input Validation Vulnerability (CVE-2010-3933)