Description

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.

Remediation

References

CVE-2007-2509

Related Vulnerabilities

MySQL CVE-2021-35537 Vulnerability (CVE-2021-35537)

WordPress Plugin BuddyPress Extended Friendship Request Cross-Site Scripting (1.0.1)

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083)

MySQL CVE-2021-2479 Vulnerability (CVE-2021-2479)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-22462)

Severity

Low

Classification

CVE-2007-2509 CWE-20

Tags

Missing Update Known Vulnerabilities