CVE-2025-71282

XenForo before 2.3.7 discloses filesystem paths via exception messages triggered by open_basedir restrictions, enabling an attacker to obtain information about the server’s directory structure. Affected product: XenForo web forum software (pre-2.3.7). Root cause: exception messages reveal filesys...

SUSE CVE-2004-1392

PHP 4.0 with cURL functions allows remote attackers to bypass the openbasedir setting and read arbitrary files via a file: URL argument to the curlinit function...

SUSE CVE-2013-1635

ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdlcachedir directive and the openbasedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an...

PHP Information Disclosure Vulnerability (CNVD-2018-15089)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...