Description

In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter.

Remediation

References

CVE-2018-20420

Related Vulnerabilities

WordPress Plugin 3D Banner Rotator 'upload.php' Arbitrary File Upload (2.1)

WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)

Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Open Redirect (2.0.33)

WordPress Plugin Two-Factor Authentication-Clockwork SMS Cross-Site Scripting (1.0.3)

Severity

Medium

Classification

CVE-2018-20420 CWE-732 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities