Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP未定义Safe_Mode_Include_Dir选项绕过Safemode模式漏洞
Vulnerability Description
PHP是一款广泛使用的脚本语言解析系统,可以方便的进行WEB开发,能嵌入到HTML中使用。 PHP存在安全漏洞,攻击者可以使用include()和require()在限制目录中调用外部文件,允许程序绕过Safe模式。 当safe_mode_include_dir PHP指示没有定义时会出现此问题,报告当通过include()或require()调用访问文件时存在逻辑错误可导致PHP错误的运行安全检查,使攻击者绕过Safe模式模型。 此问题可引起在使用Safe模式的环境中,如WEB资源由多个用户共享时,可使
CVSS Information
N/A
Vulnerability Type
N/A