cpe:2.3:a:jbmc-software:directadmin:1.211:*:*:*:*:*:*:*
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
Max CVSS
6.9
EPSS Score
0.05%
Published
2009-05-05
Updated
2010-03-29
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
Max CVSS
8.5
EPSS Score
0.57%
Published
2009-05-05
Updated
2017-08-17
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!