2 matches found
CVE-2006-6068
Directory traversal vulnerability in the cachedalbum function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a .. dot dot in the gal parameter to index.php...
CVE-2006-6068
The CVE-2006-6068 entry concerns a directory traversal in the mAlbum 0.3 and earlier release. The vulnerability occurs in the cached_album function in functions.php, where user input passed via the gal parameter to index.php can be traversed using dot-dot sequences to list filenames of arbitrary ...