Description

Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.

Remediation

References

CVE-2007-4825

Related Vulnerabilities

MySQL Other Vulnerability (CVE-2000-0148)

WordPress Plugin WP Customize Login Cross-Site Scripting (1.1)

WordPress Plugin Page Builder by SiteOrigin Cross-Site Scripting (2.0.4)

Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)

WeBid Incorrect Comparison Vulnerability (CVE-2020-23359)

Severity

High

Classification

CVE-2007-4825 CWE-22

Tags

Missing Update Known Vulnerabilities