2007-09-04 19:00:00
mitre
PUBLISHED
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.