Lucene search

[email protected]CVE-2006-2295

HistoryMay 10, 2006 - 2:14 a.m.

CVE-2006-2295

2006-05-1002:14:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2295

directory traversal

dynamic galerie 1.0

remote attackers

access arbitrary files

absolute path

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.2%

JSON

Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.

CPENameOperatorVersion
timobraun:dynamic_galerietimobraun dynamic galerieeq1.0

CPE	Name	Operator	Version
timobraun:dynamic_galerie	timobraun dynamic galerie	eq	1.0

References

d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html

secunia.com/advisories/19995

www.securityfocus.com/bid/17896

www.vupen.com/english/advisories/2006/1699

exchange.xforce.ibmcloud.com/vulnerabilities/26322

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.2%

JSON

Related for CVE-2006-2295

prion1