Jbmc-Software: >> Directadmin >> 1.225 Security Vulnerabilities
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
CVSS Score
8.5
EPSS Score
0.011
Published
2009-05-05
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
CVSS Score
6.9
EPSS Score
0.001
Published
2009-05-05