N/A

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.

N/A

N/A

PHP 代码注入漏洞

PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发，支持多种数据库及操作系统。 PHP 5.6.7及之前版本的php.ini-production和php.ini-development文件中的默认soap.wsdl_cache_dir设置中存在安全漏洞，该漏洞源于程序默认使用/tmp目录。本地攻击者可通过在/tmp目录下创建带有可预测用户名的文件利用该漏洞实施WSDL注

N/A

N/A