This alert was generated using only banner information. It may be a false positive.
PHP does not perform proper bounds checking on in functions related to Form-based File Uploads in HTML (RFC1867). Specifically, this problem occurs in the functions which are used to decode MIME encoded files. As a result, it may be possible to overrun the buffer used for the vulnerable functions to cause arbitrary attacker-supplied instructions to be executed.
Affected PHP versions (up to 4.1.1).
- Upgrade PHP to the latest version.
- WordPress Plugin 2kb Amazon Affiliates Store Cross-Site Scripting (2.1.0)
- WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (1.2.1)
- WordPress Plugin Ticket Manager Cross-Site Scripting (1)
- WordPress Plugin Page and Post Clone Information Disclosure (1.1)
- WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.3.47)