The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows malicious users to bypass safe mode and read files via a file:// request containing null characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 4.4.2 |
||
php php 5.1.4 |