Description
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
Remediation
References
Related Vulnerabilities
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
WordPress Plugin Product Addons & Fields for WooCommerce Arbitrary File Upload (1.1)
MySQL Other Vulnerability (CVE-2003-0073)
Oracle JRE CVE-2013-5780 Vulnerability (CVE-2013-5780)
Drupal Improper Input Validation Vulnerability (CVE-2012-5653)