Description

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

Remediation

References

CVE-2010-1129

Related Vulnerabilities

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1912)

WordPress Plugin Sermon Browser Multiple Cross-Site Scripting Vulnerabilities (0.45.15)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23125)

WordPress Plugin Contact Form Submissions Unspecified Vulnerability (1.6.3)

WordPress Other Vulnerability (CVE-2007-3238)

Severity

High

Classification

CVE-2010-1129 CWE-20

Tags

Missing Update Known Vulnerabilities