CVE-2001-1247 — MEDIUM severity vulnerability (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers)
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
| CVE ID | CVE-2001-1247 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 6.4 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| CWE | CWE-264 |
| Status | Modified |
| Published | 2001-12-06 |
| Last modified | 2026-04-16 |
| Description | PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →