ID:11544 - Exploit for Link following in PHP - CVE-2007-4652

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11544 - Exploit for Link following in PHP - CVE-2007-4652

ID:11544 - Exploit for Link following in PHP - CVE-2007-4652

Published: June 10, 2025


Vulnerability identifier: #VU110375
Vulnerability risk: Low
CVE-ID: CVE-2007-4652
CWE-ID: CWE-59
Exploitation vector: Local access
Vulnerable software:
PHP

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to read and manipulate data.

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.


Remediation

Install update from vendor's website.