The Tmp dir is used to store temporary files that need to be uploaded to the server. There are many servers having this vulnerability through which, the Upload tmp dir is accessible to everyone. The upload_tmp_dir allows a developer to specify where uploaded files should be saved until the handling script moves them to a more permanent location. If this file is within the document root of the website and/or accessible to system users other than PHP’s user, it could be modified or overwritten while PHP is processing it. By default, upload_tmp_dir is set to the system’s standard temporary directory, which can typically be accessed by all system users.
The impact include:-
Beagle recommends the following fixes:-