Back to search
CVE-2006-1219
Published: Mar 14, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2006-0895
vdb-entry
x_refsource_VUPEN
http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update
x_refsource_CONFIRM
gallery-multiple-index-file-include(25129)
vdb-entry
x_refsource_XF
1566
exploit
x_refsource_EXPLOIT-DB
17051
vdb-entry
x_refsource_BID
19175
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now