Description
GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname (and extension). This allows creation of PHP files outside of the uploads directory, directly in the webroot.
Remediation
References
Related Vulnerabilities
Jenkins CVE-2013-0330 Vulnerability (CVE-2013-0330)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5341)
SharePoint CVE-2021-40482 Vulnerability (CVE-2021-40482)
WordPress Plugin Autoptimize Cross-Site Scripting (2.8.3)
TYPO3 Improper Input Validation Vulnerability (CVE-2014-3941)