Description

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.

Remediation

References

CVE-2007-2509

Related Vulnerabilities

PHP Numeric Errors Vulnerability (CVE-2010-4699)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2284)

WordPress Plugin Gigya-Social Infrastructure Unspecified Vulnerability (3.0.4)

WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities (1.3.7)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.7.1.5)

Severity

Low

Classification

CVE-2007-2509 CWE-20

Tags

Missing Update Known Vulnerabilities