Upload of a PHP file in a vulnerable web application Description   This signature is designed to block the upload of PHP files in a vulnerable web application. An attacker can exploit such application in order to upload a webshell and gain control of the server.       Default configuration   Profiles High Medium Low Internet Action Block Block Pass Pass Alarm Level Major Major Ignore Minor       References         Available since   ASQ v5.0.0       Protects   Wordpress Multiple Themes Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Wordpress Themes Multiple Vulnerabilities WordPress Third-Party Modules Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Vulnerabilities WordPress Third Party Modules Multiple Vulnerabilities WordPress Multiple Themes Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third Party Modules Multiple Vulnerabilities WordPress Third Party Modules Multiple Vulnerabilities WordPress Third Party Modules Multiple Vulnerabilities WordPress Third Party Modules Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Vulnerabilities Wordpress Multiple Third Party Plugins Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Themes Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities DotClear Multiple Vulnerabilities Fixed by 2.8.2 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Centreon Multiple Vulnerabilities WordPress WP Symposium Plugin Arbitrary File Upload Vulnerability WordPress Tribulant Slideshow Gallery Plugin Arbitrary File Upload Vulnerability Wordpress NextGEN Gallery Arbitrary File Upload Vulnerability WordPress Business Intelligence Lite Plugin Arbitrary File Upload Vulnerability X2CRM Profile Picture Arbitrary File Upload Vulnerability WordPress The Cotton Theme Arbitrary File Upload Vulnerability FrontAccounting Attach Document Arbitrary File Upload Vulnerability WordPress Kiddo Theme "uploadify.php" Arbitrary File Upload Vulnerability WordPress OptimizePress Plugin Arbitrary File Upload Vulnerability WordPress Highlight - Powerful Premium Theme Arbitrary File Upload Vulnerability WordPress This Way Theme Arbitrary File Upload Vulnerability WordPress Simple Dropbox Upload Plugin Arbitrary File Upload Vulnerability Collabtive Multiple Vulnerabilities WordPress Uploader Plugin Cross-Site Scripting and Arbitrary File Upload Vulnerabilities WordPress Xerte Online Plugin Arbitrary File Upload Vulnerability WordPress ReFlex Gallery Plugin Arbitrary File Upload Vulnerability WordPress Clockstone Theme upload.php Arbitrary File Upload Vulnerability Frei-Chat "upload.php" Arbitrary File Upload Vulnerability Auxilium PetRatePro Multiple Vulnerabilities qdPM myAccount Arbitrary File Upload Vulnerability CuteFlow Multiple Vulnerabilities EGallery uploadify.php Arbitrary File Upload Vulnerability WordPress Post Recommendations Plugin "abspath" File Inclusion Vulnerability Joomla! OS Property Component File Upload Vulnerability WordPress Flip Book Plugin Arbitrary File Upload Vulnerability GetSimple Items Manager Plugin Arbitrary File Upload Vulnerability PHP-Fusion Advanced MP3 Player Module Arbitrary File Upload Vulnerability e107 Hupsi Fancybox Plugin Arbitrary File Upload Vulnerability e107 Radio Plan Plugin Arbitrary File Upload Vulnerability e107 Hupsi Share Plugin Arbitrary File Upload Vulnerability e107 Hupsis Media Gallery Plugin Arbitrary File Upload Vulnerability WordPress Sitemile Auctions Plugin Arbitrary File Upload Vulnerability WordPress LB Mixed Slideshow Plugin Arbitrary File Upload Vulnerability Joomla! Maian Media Component Arbitrary File Upload Vulnerability Joomla! Dione FileUploader Module Arbitrary File Upload Vulnerability WordPress MegaThemes Themes Arbitrary File Upload Vulnerability WordPress Zingiri Web Shop Plugin Arbitrary File Upload Vulnerability WordPress Invit0r Plugin Arbitrary File Upload Vulnerability WordPress Evarisk Plugin Arbitrary File Upload Vulnerability Joomla! Easy Flash Uploader Module Arbitrary File Upload Vulnerability Joomla! Art Uploader Module Arbitrary File Upload Vulnerability WordPress Annonces Plugin Arbitrary File Upload Vulnerability WordPress Contus Video Gallery Plugin Arbitrary File Upload Vulnerability WordPress Contus HD FLV Player Plugin SQL Injection and Arbitrary File Upload Vulnerabilities WordPress SFBrowser Plugin Arbitrary File Upload Vulnerability WordPress PICA Photo Gallery Plugin Arbitrary File Disclosure and File Upload Vulnerabilities Wordpress Mac Photo Gallery Plugin Arbitrary File Upload Vulnerability WordPress Front File Manager Arbitrary File Upload Vulnerability WordPress Hungred Post Thumbnail Plugin Arbitrary File Upload Vulnerability WordPress PDW File Browser Plugin Arbitrary File Upload Vulnerability WordPress Top Quark Architecture Plugin Arbitrary File Upload Vulnerability WordPress RBX Gallery Plugin Arbitrary File Upload Vulnerability Agora Project Multiple Vulnerabilities WordPress wpStoreCart Plugin Arbitrary File Upload Vulnerability WordPress Front End Upload Plugin Arbitrary File Upload Vulnerability WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability Wordpress Omni Secure Files Plugin Arbitrary File Upload Vulnerability WordPress FCChat Widget Plugin Arbitrary File Upload Vulnerability WordPress MM Forms Community Arbitrary File Upload Vulnerability Wordpress Font Uploader Plugin Arbitrary File Upload Vulnerability WordPress WP-Property Plugin Arbitrary File Upload Vulnerability WordPress HTML5 AV Manager Plugin Arbitrary File Upload Vulnerability WordPress FoxyPress Plugin Arbitrary File Upload Vulnerability WordPress Asset Manager Plugin Arbitrary File Upload Vulnerability Joomla! JCE Component Cross-Site Scripting and Arbitrary File Upload Vulnerabilities 100 last CVE   CVE-2017-9337 CVE-2017-9336 CVE-2017-2168 CVE-2017-1002022 CVE-2017-1002021 CVE-2017-1002020 CVE-2017-1002019 CVE-2017-1002018 CVE-2017-1002017 CVE-2016-1000139 CVE-2015-7806 CVE-2015-5308 CVE-2014-5460 CVE-2014-3247 CVE-2014-3246 CVE-2014-2664 CVE-2013-7102 CVE-2013-5963 CVE-2012-3814 CVE-2012-3578 CVE-2012-3577 CVE-2012-3576 CVE-2012-3575 CVE-2012-3574 CVE-2012-2902 CVE-2012-2901    Risk level  Moderate