PHP 4.0.5 up to and including 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote malicious users to execute arbitrary commands via shell metacharacters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |