22 matches found
JVN#07538357: EasyCTF vulnerable to cross-site scripting
EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a cross-site scripting vulnerability CWE-79 that can be leveraged by an attacker created account. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the late...
JVN#67520407: EasyCTF vulnerable to arbitrary file creation
EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a vulnerability that may allow a remote attacker to create arbitrary files CWE-22. Impact An arbitrary file created by an attacker may result in arbitrary code being executed on the server. Solution Update the...