header-logo
Suggest Exploit
vendor:
N/A
by:
SecurityFocus
7.5
CVSS
HIGH
Multiple Input-Validation Vulnerabilities
20
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2004

PHP Multiple Input-Validation Vulnerabilities

PHP is prone to multiple input-validation vulnerabilities that could allow 'safe_mode' and 'open_basedir' security settings to be bypassed. These issues reside in the 'mb_send_mail()' function, the 'mail()' function, and various PHP IMAP functions. An attacker can exploit these issues to bypass security settings and gain access to unauthorized resources.

Mitigation:

Ensure that input is properly validated and filtered.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16878/info

PHP is prone to multiple input-validation vulnerabilities that could allow 'safe_mode' and 'open_basedir' security settings to be bypassed. These issues reside in the 'mb_send_mail()' function, the 'mail()' function, and various PHP IMAP functions.

$additional_param = "-C ".$file_to_read." -X ".getcwd()."/".$output_file;

Navigation

Suggest Exploit

Services By CQR