CVE-2007-1460
MEDIUM
5.0
CVSS Severity Score
Vulnerability Description
The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories.
Affected Platforms (CPE)
📦
Php
Php
<= 4.4.6📦
Php
Php
= 1.0📦
Php
Php
= 2.0📦
Php
Php
= 2.0b10📦
Php
Php
= 3.0📦
Php
Php
= 3.0.1📦
Php
Php
= 3.0.2📦
Php
Php
= 3.0.3📦
Php
Php
= 3.0.4📦
Php
Php
= 3.0.5📦
Php
Php
= 3.0.6📦
Php
Php
= 3.0.7📦
Php
Php
= 3.0.8📦
Php
Php
= 3.0.9📦
Php
Php
= 3.0.10📦
Php
Php
= 3.0.11📦
Php
Php
= 3.0.12📦
Php
Php
= 3.0.13📦
Php
Php
= 3.0.14📦
Php
Php
= 3.0.15📦
Php
Php
= 3.0.16📦
Php
Php
= 3.0.17📦
Php
Php
= 3.0.18📦
Php
Php
= 4.0📦
Php
Php
= 4.0📦
Php
Php
= 4.0📦
Php
Php
= 4.0📦
Php
Php
= 4.0📦
Php
Php
= 4.0.0📦
Php
Php
= 4.0.1📦
Php
Php
= 4.0.2📦
Php
Php
= 4.0.3📦
Php
Php
= 4.0.4📦
Php
Php
= 4.0.5📦
Php
Php
= 4.0.6📦
Php
Php
= 4.0.7📦
Php
Php
= 4.1.0📦
Php
Php
= 4.1.1📦
Php
Php
= 4.1.2📦
Php
Php
= 4.2.0📦
Php
Php
= 4.2.1📦
Php
Php
= 4.2.2📦
Php
Php
= 4.2.3📦
Php
Php
= 4.3.0📦
Php
Php
= 4.3.1📦
Php
Php
= 4.3.2📦
Php
Php
= 4.3.3📦
Php
Php
= 4.3.4📦
Php
Php
= 4.3.5📦
Php
Php
= 4.3.6📦
Php
Php
= 4.3.7📦
Php
Php
= 4.3.8📦
Php
Php
= 4.3.9📦
Php
Php
= 4.3.10📦
Php
Php
= 4.3.11📦
Php
Php
= 4.4.0📦
Php
Php
= 4.4.1📦
Php
Php
= 4.4.2📦
Php
Php
= 4.4.3📦
Php
Php
= 4.4.4📦
Php
Php
= 4.4.5📦
Php
Php
= 5.2.0📦
Php