PHP is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied data.
Attackers can leverage this issue to bypass security restrictions enforced by 'safe_mode' to access data outside of the root webserver directory. Successful attacks may allow an attacker to access sensitive information that could aid in further attacks.
Slackware Linux 12.1 Slackware Linux 12.0 Slackware Linux -current PHP PHP 5.2.6 Gentoo Linux 暂无
<a href=www.php.net target=_blank>www.php.net</a>