Description

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Remediation

References

CVE-2002-0229

Related Vulnerabilities

WordPress Plugin Simple Ads Manager PHP Object Injection (2.9.8.125)

WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)

WordPress Plugin RSS Redirect & Feedburner Alternative Unspecified Vulnerability (1.9)

WordPress Plugin Site Kit by Google Security Bypass (1.7.1)

Oracle Application Server CVE-2008-3977 Vulnerability (CVE-2008-3977)

Severity

High

Classification

CVE-2002-0229

Tags

Missing Update Known Vulnerabilities