CVE-2004-1020

The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

Published: Jan 10, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-1020
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
php / php	4.3.9	4.3.9.x
php / php	5.0-rc1	5.0-rc1.x
php / php	4.3.6	4.3.6.x
php / php	5.0.1	5.0.1.x
php / php	4.3.7	4.3.7.x
php / php	5.0-rc3	5.0-rc3.x
php / php	5.0-rc2	5.0-rc2.x
php / php	5.0.2	5.0.2.x
php / php	5.0.0	5.0.0.x
php / php	4.3.8	4.3.8.x

Vulnerability Database

289,599

CVE-2004-1020