CVE-2007-3997
PHP 4.0.0-4.4.7 - Remote Bypass of safe_mode and open_basedir via MySQL LOCAL INFILE
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-3997. PoCs published by Mattias Bengtsson.
AI-analyzed exploit summary The exploit demonstrates a bypass of PHP's safe_mode restriction by leveraging MySQL's LOCAL INFILE feature to read arbitrary files. It includes proof-of-concept code for both MySQL and MySQLi extensions.
Description
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Exploits (1)
The exploit demonstrates a bypass of PHP's safe_mode restriction by leveraging MySQL's LOCAL INFILE feature to read arbitrary files. It includes proof-of-concept code for both MySQL and MySQLi extensions.