PHP safemode bypass - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

PHP safemode bypass
Published: 11.09.2007
Source: BUGTRAQ
SecurityVulns ID: 8134
Type: local
Level: 5/10
Description: By using LOAD_FILE, INTO DUMPFILE, INTO OUTFILE SQL modifiers it's possible to access files behind basedir.

Affected: PHP : PHP 5.2

Original document laurent gaffie, PHP <=5.2.4 open_basedir bypass & code exec & denial of service (11.09.2007)

laurent gaffie, PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass (11.09.2007)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod