Description

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.

Remediation

References

CVE-2012-0057

Related Vulnerabilities

WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark SQL Injection (2.9.3)

WordPress Plugin Style It Cross-Site Scripting (1.0)

Oracle JRE CVE-2014-0453 Vulnerability (CVE-2014-0453)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-10838)

MySQL CVE-2012-1757 Vulnerability (CVE-2012-1757)

Severity

Medium

Classification

CVE-2012-0057 CWE-264

Tags

Missing Update Known Vulnerabilities