Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2012-1171 - Vulnerability Database
PHP

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2012-1171

Medium
Reference: CVE-2012-1171
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-1171
Title: PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.