Description
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Church Admin Cross-Site Scripting (0.800)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-45152)
Ruby Improper Input Validation Vulnerability (CVE-2011-2705)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.12)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-0214)