Lucene search
HistoryAug 12, 2008 - 7:41 p.m.
CVE-2008-3600
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.017
Percentile
87.9%
Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the phpEx parameter within a modload action.
Affected configurations
Node
menaltogalleryMatch1.5.7
ORmenaltogalleryMatch1.6alpha3
Related
prion
prion
Directory traversal
2008-08-12 19:41:00
cve
cve
CVE-2008-3600
2008-08-12 19:41:00
ubuntucve
ubuntucve
CVE-2008-3600
2008-08-12 00:00:00
cvelist
cvelist
CVE-2008-3600
2008-08-12 19:00:00
gentoo
gentoo
Gallery: Multiple vulnerabilities
2008-11-09 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200811-02 (gallery)
2008-11-19 00:00:00
Gentoo Security Advisory GLSA 200811-02 (gallery)
2008-11-19 00:00:00
nessus
nessus
GLSA-200811-02 : Gallery: Multiple vulnerabilities
2008-11-11 00:00:00
securityvulns
securityvulns
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.017
Percentile
87.9%
Related for NVD:CVE-2008-3600