Description

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Remediation

References

CVE-2002-0229

Related Vulnerabilities

Next.js User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2022-23646)

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.5)

Atlassian Jira Other Vulnerability (CVE-2006-3338)

Claroline Other Vulnerability (CVE-2005-1377)

Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9)

Severity

High

Classification

CVE-2002-0229

Tags

Missing Update Known Vulnerabilities