Description
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Remediation
References
Related Vulnerabilities
MySQL CVE-2015-0423 Vulnerability (CVE-2015-0423)
ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371)
Perl Out-of-bounds Write Vulnerability (CVE-2018-18311)
Oracle JRE CVE-2013-5802 Vulnerability (CVE-2013-5802)
WordPress Plugin Language Bar Flags Cross-Site Request Forgery (1.0.8)