PHP Safedir restriction bypass vulnerabilities

Description
  • This alert was generated using only banner information. It may be a false positive.

    PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction. An attacker can exploit these vulnerabilities to possible execute arbitrary code currently existing on a vulnerable system, or to retrieve the contents of arbitrary files, all in the security context of the Web server process.

    Affected PHP version 5.5.0.
Remediation
  • Upgrade PHP to the latest version.
References