← CVECheck
HomeVulnerabilities

CVE-2001-1247 — MEDIUM severity vulnerability (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers)

PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.

CVE IDCVE-2001-1247
SeverityMEDIUM
CVSS score6.4
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:N
CWECWE-264
StatusModified
Published2001-12-06
Last modified2026-04-16
DescriptionPHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →