Description
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
Remediation
References
Related Vulnerabilities
phpMyAdmin Other Vulnerability (CVE-2005-3621)
PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348)
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)
Oracle Application Server Other Vulnerability (CVE-2006-5358)
WordPress Plugin Product Catalog for WordPress Unspecified Vulnerability (1.4.5)