Description
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Remediation
References
Related Vulnerabilities
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.18)
WordPress Plugin Easy Accordion-Best Accordion FAQ Cross-Site Scripting (2.0.21)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474)
Apache HTTP Server Other Vulnerability (CVE-2005-2728)
WordPress Plugin White Label CMS Cross-Site Request Forgery (1.5)