2003-04-02 05:00:00
mitre
PUBLISHED
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.