The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
CVSS Score
5.0
EPSS Score
0.012
Published
2000-11-14
CGI PHP mylog script allows an attacker to read any file on the target server.
CVSS Score
7.5
EPSS Score
0.025
Published
1997-10-19
php.cgi allows attackers to read any file on the system.
CVSS Score
10.0
EPSS Score
0.024
Published
1997-08-01
Buffer overflow in PHP cgi program, php.cgi allows shell access.
CVSS Score
7.5
EPSS Score
0.005
Published
1997-04-17
Page 34