Arbitrary file creation

Description
  • This script is possibly vulnerable to arbitrary file creation.<br/><br/>This issue allows an attacker to influence calls to functions which create files/directories and create arbitrary files. Due to a lack of input validation, an attacker can supply directory traversal sequences followed by an arbitrary file name to create specific files.
Remediation
  • Your script should filter metacharacters from user input.
References
Severity
Classification
Tags