CVE-2012-3365

PHP < 5.3.15 - open_basedir Protection Bypass via SQLite Functionality

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3365. PoCs published by BlackFan.

AI-analyzed exploit summary This PoC demonstrates an open_basedir bypass in PHP versions prior to 5.3.15 by leveraging SQLite3's handling of the ':memory:' database path to write a PHP shell outside the restricted directory. The exploit creates a malicious PHP file by abusing SQLite's file path resolution.

Description

The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.

Exploits (1)

github WORKING POC 21 stars

by BlackFan · poc

https://github.com/BlackFan/CVE_PoCs/tree/master/CVE-2012-3365 (PHP)

View Code ZIP pw:eip

This PoC demonstrates an open_basedir bypass in PHP versions prior to 5.3.15 by leveraging SQLite3's handling of the ':memory:' database path to write a PHP shell outside the restricted directory. The exploit creates a malicious PHP file by abusing SQLite's file path resolution.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: PHP < 5.3.15

No auth needed

Prerequisites: PHP with SQLite3 extension enabled · open_basedir restriction in place

MITRE ATT&CK