icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

PHP 3.0.x < 3.0.17 / 4.0.x < 4.0.3 Hidden Form Field File Upload

Medium

Synopsis

The remote host is running a version of PHP which is older than 3.0.17 or 4.0.3.

Description

The remote host is running a version of PHP which is older than 3.0.17 or 4.0.3. If a PHP script that allows users to upload files and then display their content is running on this host, an attacker may use it to read arbitrary files.

Solution

Upgrade to PHP 3.0.17 or 4.0.3 or higher.