Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.
Base Score: 7.5
Impact Score: 6.4
Exploitability Score: 10
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.2.3 (inclusive)
View all (7 total)