CVE-2006-5205

2006-10-0919:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

Directory traversal vulnerability in Invision Gallery 2.0.7 allows remote attackers to read arbitrary files via a … (dot dot) sequence in the dir parameter in (1) index.php and (2) forum/index.php, when the viewimage command in the gallery module is used.

References

secunia.com/advisories/22400

www.securityfocus.com/bid/20328

exchange.xforce.ibmcloud.com/vulnerabilities/29334

www.exploit-db.com/exploits/2473