CVE-2010-1130
PHP <5.2.13, 5.3.1 - Info Disclosure
Title source: llmDescription
session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot).
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Grzegorz Stachowiak · phpdosphp
https://www.exploit-db.com/exploits/33625
References (11)
Scores
EPSS
0.0557
EPSS Percentile
90.3%
Details
CWE
CWE-264
Status
published
Products (28)
php/php
5.0.0 (8 CPE variants)
php/php
5.0.1
php/php
5.0.2
php/php
5.0.3
php/php
5.0.4
php/php
5.0.5
php/php
5.1.0
php/php
5.1.1
php/php
5.1.2
php/php
5.1.3
... and 18 more
Published
Mar 26, 2010
Tracked Since
Feb 18, 2026