This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote web server uses a version of PHP that is affected by a
security bypass vulnerability.
According to its banner, the version of PHP installed on the remote
host is affected by a flaw that allows an attacker to gain
unauthorized privileges. When used with sendmail and when accepting
remote input for the additional_parameters argument to the
mb_send_mail function, it is possible for context-dependent attackers
to read and create arbitrary files.
See also :
There is no known solution at this time.
Risk factor :
Low / CVSS Base Score : 3.2
CVSS Temporal Score : 2.5
Public Exploit Available : true