Описание
Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allow remote attackers to write to arbitrary files via unspecified vectors.
Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allow remote attackers to write to arbitrary files via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-1923
- http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11661
- http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11662
- http://koha-community.org/security-release-february-2014
- http://www.openwall.com/lists/oss-security/2014/02/07/10
- http://www.openwall.com/lists/oss-security/2014/02/10/3
Связанные уязвимости
Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allow remote attackers to write to arbitrary files via unspecified vectors.
Multiple directory traversal vulnerabilities in the (1) staff interfac ...