2 matches found
UBUNTU-CVE-2013-6501
The default soap.wsdlcachedir setting in 1 php.ini-production and 2 php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the getsdl...
DEBIAN-CVE-2010-4725
Smarty before 3.0.0 RC3 does not properly handle an on value of the asptags option in the php.ini file, which has unspecified impact and remote attack vectors...