Privilege escalation using sourcefilename #46
Description
Hi Richard,
I have found another privilege escalation but this time using the sourcefilename. When adding "../../" before the actual file name you can store the file in another directory. If you store the file into the web directory you can execute php code by doing a request to the website. After this you can patch runguard and gain root.
Here is the affected line in the source code: Link
Sincerely,
Marlon