Description
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2023-33157 Vulnerability (CVE-2023-33157)
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.4.4)
MySQL CVE-2020-14868 Vulnerability (CVE-2020-14868)
WordPress Plugin WPJobBoard Multiple Cross-Site Scripting Vulnerabilities (4.5.1)
WordPress Plugin Simple Job Board Directory Traversal (2.9.3)