2
Candidate: CVE-2007-1460
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1460
6
The zip:// URL wrapper provided by the PECL zip extension in PHP before
7
4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir
8
checks, which allows remote attackers to read ZIP archives located outside
9
of the intended directories.
12
kees> safe-mode bypass