Page 2 of 11 results (0.002 seconds)
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2018-10870 – redhat-certification: rhcertStore.py: __saveResultsFile allows to write any file
https://notcve.org/view.php?id=CVE-2018-10870
19 Jul 2018 — redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution. redhat-certification no sanea correctamente las rutas en rhcertStore.py:__saveResultsFile. Un atacante remoto podría emplear este error para sobrescribir cualquier archivo, pudiendo ejecutar código remotamente. It has been discovered that redhat-certification does not properly sanitize paths in rhcertStore.py:__save... • http://www.securityfocus.com/bid/104857 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •