Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2005-3054

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.

  • Published: Sep 26, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3054
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.4.0 4.4.0.x