Описание
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.2-1ubuntu2.4 |
| devel | not-affected | |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.5.7-3ubuntu2.1 |
| hardy | released | 1.5.8-5.1ubuntu2.2 |
| intrepid | not-affected | |
| upstream | needed |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...
EPSS
5 Medium
CVSS2