H3-2022-0050
PHP-FPM Configuration File Exposure
Category | SECURITY_MISCONFIGURATION |
Base Score | 6.5 |
Description
PHP-FPM is a method to execute PHP in modern environments.
Impact
An attacker can pass PHP configuration options that allows injection of a PHP script to a listening PHP-FPM service and in some cases achieve remote code execution.