1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: PHP Arbitrary File Upload CVE-2016-3078

Attack: PHP Arbitrary File Upload CVE-2016-3078

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts to execute arbitrary code on vulnerable installations of PHP.

Additional Information

Successfully exploiting these issues may allow attackers to execute arbitrary code within the context of the application. Failed attacks may cause a denial-of-service condition.


  • PHP 7.x versions prior to 7.0.6 are vulnerable.


Updates are available. Please see the references or vendor advisory for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube