Description
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
Remediation
References
Related Vulnerabilities
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5)
OpenVPN AS Other Vulnerability (CVE-2006-2229)
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2025-43819)
Microsoft SQL Server CVE-2023-36728 Vulnerability (CVE-2023-36728)
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)