|
|
CVE Reference: CVE-2006-1128 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1128 |
|
|
Description: Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25118 ST 1015717 SAID Secunia Advisory: SA19104 OSVDB 23597 MISC http://www.gulftech.org/?node=research&article_id=00106-03022006 CONFIRM http://gallery.menalto.com/gallery_2.0.3_released BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html BID 16948 |
|
| Return to the previous page. |
