exploitDog

GHSA-86jv-39rm-gf4v

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.

Ссылки

EPSS

Процентиль: 72%

0.007

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2010-3692

ubuntu

больше 15 лет назад

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.

CVE-2010-3692

nvd

больше 15 лет назад

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.

CVE-2010-3692

debian

больше 15 лет назад

Directory traversal vulnerability in the callback function in client.p ...

EPSS

Процентиль: 72%

0.007

Низкий

CVE ID

Дефекты

CWE-22