Description
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
Remediation
References