Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4807

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4807
Last Modified 10 Feb 2012 12:00:00
Published 13 Dec 2011 07:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4807

Summary

Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter.

Vulnerable Systems

Application

  • Phpalbum 0.2.1

  • Phpalbum 0.2.2

  • Phpalbum 0.2.3

  • Phpalbum 0.2.4

  • Phpalbum 0.3.0

  • Phpalbum 0.3.1

  • Phpalbum 0.3.2

  • Phpalbum 0.4.1-14

  • Phpalbum 0.4.1.14

  • Phpalbum 0.4.1.15

  • Phpalbum 0.4.1.16


References

EXPLOIT-DB - 18045


Last Updated: 27 May 2016 10:57:54