PHP upload arbitrary file disclosure vulnerability

Description
  • <div class="bb-coolbox"><span class="bb-dark">This alert was generated using only banner information. It may be a false positive. </span></div><br/>PHP applications can be manipulated into opening arbitrary files on the server, rather than those uploaded by the user. <br/><br/><span class="bb-navy">Affected PHP versions (up to 3.0.16, 4.0.2).</span><br/>
Remediation
  • Upgrade PHP to the latest version.
References
Severity
Classification
Tags