3 matches found
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
PHP < 5.2.0 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
CVE-2007-0448
CVE-2007-0448 : The PHP 5.2.0 fopen implementation fails to properly handle invalid URI handlers, enabling context-dependent attackers to bypass safe_mode and read arbitrary files via a path specified with an invalid URI (illustrated by the srpath URI). This is documented across multiple sources ...