Description

This alert was generated using only banner information. It may be a false positive.

PHP is prone to an issue that may allow programs to bypass Safe Mode by calling external files in restricted directories using include() and require().

Affected PHP versions (4.3, 4.3.1, 4.3.2).

Remediation

Upgrade PHP to the latest version.

References

BID 8201

PHP homepage

Related Vulnerabilities

WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)

WordPress Plugin DukaPress Multiple Cross-Site Scripting Vulnerabilities (2.5.9)

Drupal Core 5.x SQL Injection (5.0 - 5.3)

WordPress Plugin Easy Media Download Cross-Site Scripting (1.1.6)

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)

Severity

Medium

Classification

CVE-2003-0863 CWE-829 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update