Security Advisory

CVE-2019-13464

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-09 18:07:21

Last updated 2024-08-04 23:57:37

Assigner mitre

State PUBLISHED

Description

An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2. Use of X.Filename instead of X_Filename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid.

← Browse all CVEs View on cve.org ↗