Description

Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.

Remediation

References

CVE-2007-4825

Related Vulnerabilities

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.23)

WebLogic CVE-2023-22108 Vulnerability (CVE-2023-22108)

Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4194)

WordPress Plugin GS Logo Slider-Ticker, Grid, List, Table & Filter Views Cross-Site Scripting (3.3.7)

Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334)

Severity

High

Classification

CVE-2007-4825 CWE-22

Tags

Missing Update Known Vulnerabilities