Directory traversal

2010-12-0613:37:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.3%

JSON

Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a …// (dot dot slash slash) in the repertoire parameter.

CPENameOperatorVersion
littlephpgalleryeq1.0.2

CPE	Name	Operator	Version
	littlephpgallery	eq	1.0.2

References

osvdb.org/69564

packetstormsecurity.org/files/view/96296/littlephpgallery-lfi.txt

secunia.com/advisories/42444

www.securityfocus.com/bid/45143

www.exploit-db.com/exploits/15656