Vulnerability in N/a
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data…
EPSS: 0.652 (98.5th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 21252 (x_refsource_SECUNIA, third-party-advisory)
- 22691 (x_refsource_SECUNIA, third-party-advisory)
- MDKSA-2005:213 (vendor-advisory, x_refsource_MANDRIVA)
- RHSA-2005:831 (x_refsource_REDHAT, vendor-advisory)
- support.avaya.com/elmodocs2/security/ASA-2006-037.htm (x_refsource_CONFIRM)
- 18198 (x_refsource_SECUNIA, third-party-advisory)
- SSRT061238 (x_refsource_HP, vendor-advisory)
- 132 (x_refsource_SREASON, third-party-advisory)
- 18054 (x_refsource_SECUNIA, third-party-advisory)
- ADV-2005-2254 (vdb-entry, x_refsource_VUPEN)