Unrated severityNVD Advisory· Published Jul 9, 2019· Updated Aug 4, 2024
CVE-2019-13464
CVE-2019-13464
Description
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2. Use of X.Filename instead of X_Filename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OWASP/ModSecurity Core Rule Setdescription
- Range: = 3.0.2
Patches
Vulnerability mechanics
References
2- github.com/SpiderLabs/owasp-modsecurity-crs/issues/1386mitrex_refsource_MISC
- github.com/SpiderLabs/owasp-modsecurity-crs/pull/1391mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.