2 matches found
Directory traversal
Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by 1 injecting code into local log files via GET commands, then 2 accessing that log via a .. dot dot sequence and a trailing null %00 byte in the skin2 COOKIE...
CVE-2006-1480
Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by 1 injecting code into local log files via GET commands, then 2 accessing that log via a .. dot dot sequence and a trailing null %00 byte in the skin2 COOKIE...