CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T13:42:32.622Z
Reserved: 2007-05-07T00:00:00
Link: CVE-2007-2509

No data.

Status : Deferred
Published: 2007-05-09T00:19:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2007-2509


No data.