Unrestricted File Upload Vulnerability in PHP's move_uploaded_file Function

Unrestricted File Upload Vulnerability in PHP's move_uploaded_file Function

CVE-2002-0484 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.

Learn more about our Web Application Penetration Testing UK.