CVE-2021-47976: PHP Unrestricted Upload User Filename As Destination
greprules fetch cve-2021-47976-php-unrestricted-upload-user-filename-as-destination --engine opengrep
Description
Untrusted $_FILES[*]['name'] flows into the destination path of move_uploaded_file() without an extension whitelist or rename to a server-generated name. An attacker can upload a .php (or other executable) file under a chosen name; if the destination directory is web-accessible and the engine executes PHP there, this is unrestricted file upload leading to re
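An added example, not part of the rule page or the rule's own code: the flagged flow shown as a comment, followed by a handler that applies the two controls the description names, an extension allow-list and a rename to a server-generated name. The allow-list contents, the doc field name, the /var/app/uploads path, the store_upload function name and the availability of PHP's fileinfo extension are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Flow described above (the user-chosen name becomes the destination path):
//   move_uploaded_file($_FILES['doc']['tmp_name'], $dir . '/' . $_FILES['doc']['name']);

// Hypothetical allow-list for this example: detected MIME type => stored extension.
const ALLOWED_TYPES = [
    'image/png'       => 'png',
    'image/jpeg'      => 'jpg',
    'application/pdf' => 'pdf',
];

/**
 * Store one upload under a server-generated name and return that name.
 * $file is a single entry of $_FILES; $destDir is assumed to sit outside the web root.
 */
function store_upload(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an HTTP upload');
    }

    // Decide the type from the file content, not from the client-supplied name or type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !array_key_exists($mime, ALLOWED_TYPES)) {
        throw new RuntimeException('file type not allowed');
    }

    // The client's name never reaches the path: random base name, allow-listed extension.
    $storedName = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    if (!move_uploaded_file($file['tmp_name'], $destDir . '/' . $storedName)) {
        throw new RuntimeException('could not store upload');
    }
    return $storedName;
}

// Usage in a request handler; 'doc' is a hypothetical form field name.
if (isset($_FILES['doc'])) {
    $name = store_upload($_FILES['doc'], '/var/app/uploads');
    // Keep the original name only as metadata (e.g. a database column), never as a path.
    echo 'stored as ' . htmlspecialchars($name, ENT_QUOTES);
}
```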
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided