QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2003-0863

Back to search

CVE-2003-0863

Published: Oct 15, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.

VendorProductVersions

n/a

n/a

affected
n/a

References

20030716 PHP safe mode broken?
mailing-list
x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now