Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6323

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6323
Last Modified 15 Nov 2008 02:04:13
Published 13 Dec 2007 02:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6323

Summary

Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/.

Vulnerable Systems

Application

  • Mms Gallery Php 1.0


References

MILW0RM - 4728

OSVDB - 39149

OSVDB - 39148

XF - mmsgallery-id-directory-traversal(39014)

BID - 26852

SECUNIA - 28075


Last Updated: 27 May 2016 10:46:28