Description
PHP is prone to an issue that may allow programs to bypass Safe Mode by calling external files in restricted directories using include() and require().
Affected PHP versions (4.3, 4.3.1, 4.3.2).
Remediation
Upgrade PHP to the latest version.
References
Related Vulnerabilities
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
WordPress Plugin DukaPress Multiple Cross-Site Scripting Vulnerabilities (2.5.9)
Drupal Core 5.x SQL Injection (5.0 - 5.3)
WordPress Plugin Easy Media Download Cross-Site Scripting (1.1.6)
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)