PHP FTP commans injection
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
PHP FTP commans injection
Published:
24.03.2007
Source:
BUGTRAQ
SecurityVulns ID:
7457
Type:
library
Level:
5
/10
Description:
Unchecked CRLF in filename allows to inject FTP commands.
Affected:
PHP
:
PHP 4.4
PHP
:
PHP 5.2
CVE:
CVE-2007-2509
(CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.)
Original document
fangxiaodun_(at)_discuz.com
,
CRLF injection in PHP ftp function
(
24.03.2007
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
