php -- vulnerability in RFC 1867 file upload processing

ID 562A3FDF-16D6-11D9-BC4A-000C41E2CDAD
Type freebsd
Reporter FreeBSD
Modified 2004-10-12T00:00:00


Stefano Di Paola discovered an issue with PHP that could allow someone to upload a file to any directory writeable by the httpd process. Any sanitizing performed on the prepended directory path is ignored. This bug can only be triggered if the $_FILES element name contains an underscore.
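
An added defensive example, not part of the advisory and not code from the PHP project: an upload handler that never places the client-supplied file name in the destination path, so a failure of PHP's own sanitizing of that name cannot select the directory. The form field name user_file, the constant UPLOAD_DIR and the functions safe_destination() and handle_upload() are hypothetical; the example assumes the unsanitized path reaches the script through the name entry of the $_FILES element.

```php
<?php
// Added example; UPLOAD_DIR, safe_destination(), handle_upload() and the field "user_file" are hypothetical.
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/uploads'; // assumed location, the only directory uploads may land in

// Build the destination from server-side data only. The client name contributes
// nothing except an extension, and that extension must be on an allow-list.
function safe_destination(string $clientName, string $baseDir): ?string
{
    $allowed = ['png', 'jpg', 'gif', 'pdf'];
    // Treat both "/" and "\" as separators, whatever OS the server runs on.
    $leaf = basename(str_replace('\\', '/', $clientName));
    $ext  = strtolower(pathinfo($leaf, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowed, true)) {
        return null;
    }
    $base = realpath($baseDir); // canonical path, symlinks resolved
    if ($base === false || !is_dir($base)) {
        return null;
    }
    return $base . DIRECTORY_SEPARATOR . bin2hex(random_bytes(16)) . '.' . $ext;
}

// Accept one $_FILES element and store it under a random, server-chosen name.
function handle_upload(array $file, string $baseDir): bool
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return false;
    }
    if (!is_uploaded_file((string)($file['tmp_name'] ?? ''))) {
        return false; // not a file PHP itself received in this request
    }
    $dest = safe_destination((string)($file['name'] ?? ''), $baseDir);
    if ($dest === null) {
        return false;
    }
    // move_uploaded_file() re-checks that the source is a genuine upload.
    return move_uploaded_file($file['tmp_name'], $dest);
}

// The field name deliberately contains an underscore, the case the advisory names.
if (isset($_FILES['user_file'])) {
    http_response_code(handle_upload($_FILES['user_file'], UPLOAD_DIR) ? 201 : 400);
}
```

Restricting the httpd user's write permission to the upload directory limits the impact described above, since the advisory scopes the issue to directories writeable by the httpd process.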