Vulnerabilities > Jbmc Software > Directadmin > 1.294
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-05 | CVE-2009-1526 | Link Following vulnerability in Jbmc-Software Directadmin JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action. | 6.9 |
2009-05-05 | CVE-2009-1525 | Improper Input Validation vulnerability in Jbmc-Software Directadmin CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action. | 8.5 |