Description
The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands, as demonstrated using (a) php_value, (b) php_flag, and (c) directives in .htaccess.
Remediation
References
Related Vulnerabilities
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.34)
WordPress Plugin WordPress+Microsoft Office 365/Azure AD-LOGIN Unspecified Vulnerability (11.6)
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790)