Arbitrary File Write Vulnerability in Apache OpenMeetings Import/Export System Backups

Arbitrary File Write Vulnerability in Apache OpenMeetings Import/Export System Backups

CVE-2016-0784 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. (dot dot) in a ZIP archive entry.

Learn more about our Cis Benchmark Audit For Apache Http Server.