Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1702

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1702
Last Modified 15 Oct 2009 12:00:00
Published 08 Apr 2008 02:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1702

Summary

Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote attackers to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • E107 My Gallery 2.3


References

XF - mygallery-dload-file-download(41433)

BID - 28440

BUGTRAQ - 20080325 e107 My_Gallery Plugin Arbitrary File Download Vulnerability

MILW0RM - 5308

SREASON - 3801

SECUNIA - 29493


Last Updated: 27 May 2016 10:47:38