CVE-2006-0872 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-0872
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0872

Description: Directory traversal vulnerability in init.inc.php in Coppermine Photo Gallery 1.4.3 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the lang parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24814 ST 1015646 SAID Secunia Advisory: SA18941 MISC http://retrogod.altervista.org/cpg_143_incl_xpl.html http://retrogod.altervista.org/cpg_143_adv.html CONFIRM http://coppermine-gallery.net/forum/index.php?topic=28062.0 BUGTRAQ http://www.securityfocus.com/archive/1/425387 BID 16718

Return to the previous page.