Description

In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter.

Remediation

References

CVE-2018-20420

Related Vulnerabilities

WordPress 4.2.x Same Origin Method Execution (SOME) Vulnerability (4.2 - 4.2.7)

WordPress Plugin Master Popups Remote Code Execution (1.0.0)

Oracle JRE CVE-2012-1724 Vulnerability (CVE-2012-1724)

WordPress Plugin Events Manager Cross-Site Request Forgery (5.9.8.1)

Nexus Repository Manager Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') Vulnerability (CVE-2018-16621)

Severity

Medium

Classification

CVE-2018-20420 CWE-732 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities