Description

The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."

Remediation

References

CVE-2011-2202

Related Vulnerabilities

WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1)

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Privilege Escalation (2.4.0)

WordPress Plugin WP No External Links Cross-Site Scripting (3.5.15)

Oracle Database Server CVE-2011-0880 Vulnerability (CVE-2011-0880)

SharePoint CVE-2022-44693 Vulnerability (CVE-2022-44693)

Severity

Medium

Classification

CVE-2011-2202 CWE-264

Tags

Missing Update Known Vulnerabilities