PHP 'soap.wsdl_cache_dir' Validation Arbitrary File Write Vulnerability
PHP is prone to an arbitrary file-write vulnerability because the application fails to sanitize user-supplied input.
An attacker can exploit this issue to write wsdl files within the context of the affected application. Other attacks are also possible.
Note: The issue (described by CVE-2013-1643) has been moved to BID 58766 (PHP 'ext/soap/php_xml.c' Multiple Arbitrary File Disclosure Vulnerabilities) to better document it.
Versions prior to PHP 5.3.22 and 5.4.12 are vulnerable.