CVE-2011-2202

🗓️ 16 Jun 2011 23:00:00Reported by redhatType

cve

cve🔗 web.nvd.nist.gov👁 130 Views

"PHP before 5.3.7 allows absolute path traversal via crafted upload request.

Reporter	Title	Published	Views	Family All 149
FreeBSD	php -- multiple vulnerabilities	18 Aug 201100:00	–	freebsd
Tenable Nessus	PHP 5.3.x < 5.3.7 Multiple Vulnerabilities	23 Aug 201100:00	–	nessus
Tenable Nessus	Mac OS X 10.7 < 10.7.3 Multiple Vulnerabilities	6 Feb 201200:00	–	nessus
Tenable Nessus	PHP 5.3 < 5.3.7 Multiple Vulnerabilities	23 Aug 201100:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php (ALAS-2011-07)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php (ALAS-2011-7)	12 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 5 : php53 (CESA-2011:1423)	3 Nov 201100:00	–	nessus
Tenable Nessus	CentOS 5 : php (CESA-2012:0033)	24 Jan 201200:00	–	nessus
Tenable Nessus	CentOS 4 : php (CESA-2012:0071)	29 Jun 201300:00	–	nessus
Tenable Nessus	Debian DSA-2266-1 : php5 - several vulnerabilities	5 Jul 201100:00	–	nessus

NVD

Node

php phpRange≤5.3.6

OR

php phpMatch1.0

OR

php phpMatch2.0

OR

php phpMatch2.0b10

OR

php phpMatch3.0

OR

php phpMatch3.0.1

OR

php phpMatch3.0.2

OR

php phpMatch3.0.3

OR

php phpMatch3.0.4

OR

php phpMatch3.0.5

OR

php phpMatch3.0.6

OR

php phpMatch3.0.7

OR

php phpMatch3.0.8

OR

php phpMatch3.0.9

OR

php phpMatch3.0.10

OR

php phpMatch3.0.11

OR

php phpMatch3.0.12

OR

php phpMatch3.0.13

OR

php phpMatch3.0.14

OR

php phpMatch3.0.15

OR

php phpMatch3.0.16

OR

php phpMatch3.0.17

OR

php phpMatch3.0.18

OR

php phpMatch4.0

OR

php phpMatch4.0beta_4_patch1

OR

php phpMatch4.0beta1

OR

php phpMatch4.0beta2

OR

php phpMatch4.0beta3

OR

php phpMatch4.0beta4

OR

php phpMatch4.0.0

OR

php phpMatch4.0.1

OR

php phpMatch4.0.2

OR

php phpMatch4.0.3

OR

php phpMatch4.0.4

OR

php phpMatch4.0.5

OR

php phpMatch4.0.6

OR

php phpMatch4.0.7

OR

php phpMatch4.1.0

OR

php phpMatch4.1.1

OR

php phpMatch4.1.2

OR

php phpMatch4.2.0

OR

php phpMatch4.2.1

OR

php phpMatch4.2.2

OR

php phpMatch4.2.3

OR

php phpMatch4.3.0

OR

php phpMatch4.3.1

OR

php phpMatch4.3.2

OR

php phpMatch4.3.3

OR

php phpMatch4.3.4

OR

php phpMatch4.3.5

OR

php phpMatch4.3.6

OR

php phpMatch4.3.7

OR

php phpMatch4.3.8

OR

php phpMatch4.3.9

OR

php phpMatch4.3.10

OR

php phpMatch4.3.11

OR

php phpMatch4.4.0

OR

php phpMatch4.4.1

OR

php phpMatch4.4.2

OR

php phpMatch4.4.3

OR

php phpMatch4.4.4

OR

php phpMatch4.4.5

OR

php phpMatch4.4.6

OR

php phpMatch4.4.7

OR

php phpMatch4.4.8

OR

php phpMatch4.4.9

OR

php phpMatch5.3.0

OR

php phpMatch5.3.1

OR

php phpMatch5.3.2

OR

php phpMatch5.3.3

OR

php phpMatch5.3.4

OR

php phpMatch5.3.5

Source	Link
bugs	www.bugs.php.net/bug.php
securitytracker	www.securitytracker.com/id
debian	www.debian.org/security/2011/dsa-2266
svn	www.svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/rfc1867.c
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/67999
secunia	www.secunia.com/advisories/44874
support	www.support.apple.com/kb/HT5130
pastebin	www.pastebin.com/1edSuSVN
openwall	www.openwall.com/lists/oss-security/2011/06/12/5
rhn	www.rhn.redhat.com/errata/RHSA-2012-0071.html

29 Apr 2026 01:13Current

8.1High risk

Vulners AI Score8.1

CVSS 26.4

EPSS0.11671

php 5.3.7 absolute path traversal upload request file path injection vulnerability cve-2011-2202 nvd