An issue exists in Froxlor prior to 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local malicious users to cause DoS or disclose information out of the config files, because of _createUserdataConf in install/lib/class.FroxlorInstall.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
froxlor froxlor |