ID CVE-2006-1128
Summary Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.
References
Vulnerable Configurations
  • cpe:2.3:a:gallery_project:gallery:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_alpha1:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_alpha2:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_alpha3:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_alpha4:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_beta2:*:*:*:*:*:*:*
  • cpe:2.3:a:gallery_project:gallery:2.0_beta3:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid 16948
bugtraq 20060303 Gallery 2 Multiple Vulnerabilities
confirm http://gallery.menalto.com/gallery_2.0.3_released
misc http://www.gulftech.org/?node=research&article_id=00106-03022006
osvdb 23597
sectrack 1015717
secunia 19104
vupen ADV-2006-0813
xf gallery-sessionid-bypass-security(25118)
Last major update 20-07-2017 - 01:30
Published 09-03-2006 - 22:02
Last modified 20-07-2017 - 01:30