EasyCTF vulnerable to arbitrary file creation
Overview EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a vulnerability that may allow a remote attacker to create arbitrary files CWE-22. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...