Challii

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 4.4.4 **Description** The issue concerns the `imap body` function, which does not implement safemode or open basedir checks. This allows local users to read arbitrary files or list arbitrary directory contents. **Recommendations** For versions prior to 4.4.4, update to version 4.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `imap body` function until a patch is available.