Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2398

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2398
Last Modified 07 Mar 2011 09:36:07
Published 15 May 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2398

Summary

Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rep parameter.

Vulnerable Systems

Application

  • Gphotos 1.4

  • Gphotos 1.5


References

XF - gphotos-index-directory-traversal(26428)

VUPEN - ADV-2006-1806

BID - 17967

BUGTRAQ - 20061120 Re: GPhotos 1.5 Multiple vulnerabilities

BUGTRAQ - 20061118 GPhotos 1.5 Multiple vulnerabilities

BUGTRAQ - 20060513 Gphotos Directory Traversal and Cross Site Scripting

OSVDB - 25500

SECUNIA - 20095

SREASON - 906


Last Updated: 27 May 2016 10:42:27