CVE-2006-0899 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0899
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0899

Description: Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24938 SREASON http://securityreason.com/securityalert/518 SAID Secunia Advisory: SA19026 OSVDB 23529 MISC http://retrogod.altervista.org/4images_171_adv.html MILW0RM http://milw0rm.com/exploits/1533 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/426468/100/0/threaded BID 16855

Return to the previous page.