PHP Safedir restriction bypass vulnerabilities

Description

This alert was generated using only banner information. It may be a false positive.

PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction. An attacker can exploit these vulnerabilities to possible execute arbitrary code currently existing on a vulnerable system, or to retrieve the contents of arbitrary files, all in the security context of the Web server process.

Affected PHP version 5.5.0.

Remediation

Upgrade PHP to the latest version.

References
Severity
Classification
Tags
  • Missing Update