Description
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.
Remediation
References
Related Vulnerabilities
PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144)
Sqlite Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19925)
Oracle Database Server CVE-2011-2244 Vulnerability (CVE-2011-2244)
WordPress Plugin Wallable-Social Networking Arbitrary File Upload (1.1)
WordPress Plugin Podlove Podcast Publisher Cross-Site Request Forgery (3.8.3)