CVEs-PoC/2007/CVE-2007-1710.md

### [CVE-2007-1710](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1710)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence.

### POC

#### Reference
- https://www.exploit-db.com/exploits/3573

#### Github
No PoCs found on GitHub currently.