Apache OpenMeetings ZIP File Path Traversal (CVE-2016-0784)

A directory traversal vulnerability exists in Apache OpenMeetings in the Import/Export System Backups functionality. The vulnerability is due to missing file path validation on user-uploaded ZIP archives. Successful exploitation allows the attacker to execute arbitrary code under the security...

CVE-2016-0784

Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. dot dot in a ZIP archive entry...

CVE-2016-0784

CVE-2016-0784 is a directory traversal vulnerability in Apache OpenMeetings’ Import/Export System Backups. Versions before 3.1.1 are affected and allow remote authenticated administrators to write arbitrary files via crafted ZIP entries that use ".." in the path. Root cause: missing validation of...

CVE-2016-0784

Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. dot dot in a ZIP archive entry...