The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
Max CVSS
5.0
EPSS Score
0.83%
Published
2000-11-14
Updated
2017-10-10
1 vulnerabilities found