6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.055 Low
EPSS
Percentile
93.1%
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7
does not properly restrict filenames in multipart/form-data POST requests,
which allows remote attackers to conduct absolute path traversal attacks,
and possibly create or overwrite arbitrary files, via a crafted upload
request, related to a “file path injection vulnerability.”
Author | Note |
---|---|
mdeslaur | PoC: http://pastebin.com/1edSuSVN |