Описание
It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7.
It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7.
Связанные уязвимости
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.