Main Vulnerability Database Exploits ID:11533 - Exploit for Permissions, Privileges, and Access Controls in PHP - CVE-2008-7002

ID:11533 - Exploit for Permissions, Privileges, and Access Controls in PHP - CVE-2008-7002

Published: June 10, 2025

Vulnerability identifier: #VU110325

Vulnerability risk: Low

CVE-ID: CVE-2008-7002

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
PHP

Link to public exploit:

https://www.exploit-db.com/exploits/32343/

Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation.

Remediation

Install update from vendor's website.

ID:11533 - Exploit for Permissions, Privileges, and Access Controls in PHP - CVE-2008-7002

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human