← CVECheck
HomeVulnerabilities

CVE-2000-0860 — MEDIUM severity vulnerability (The file upload capability in PHP versions 3 and 4 allows re)

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.

CVE IDCVE-2000-0860
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2000-11-14
Last modified2026-04-16
DescriptionThe file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →