Description

Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).

Remediation

References

CVE-2003-0097

Related Vulnerabilities

Oracle Database Server CVE-2009-1015 Vulnerability (CVE-2009-1015)

WordPress Plugin WP Job Manager PHP Object Injection (1.31.2)

WordPress Plugin Calculated Fields Form Cross-Site Scripting (1.0.353)

WordPress Plugin YITH WooCommerce Compare Security Bypass (2.3.13)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)

Severity

High

Classification

CVE-2003-0097

Tags

Missing Update Known Vulnerabilities