Description
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
Remediation
References
Related Vulnerabilities
Ruby on Rails Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-5419)
WordPress Plugin WP Courses LMS Cross-Site Scripting (2.0.43)
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808)
WordPress Plugin WooCommerce Privilege Escalation (3.5.0)
WordPress Plugin Gallery by BestWebSoft Cross-Site Scripting (4.4.9)