ID CVE-2006-1480
Summary Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter. Successful exploitation requires that the "magic_quotes_gpc" parameter is disabled.
References
Vulnerable Configurations
  • cpe:2.3:a:duda:webalbum:*:*:*:*:*:*:*:*
    cpe:2.3:a:duda:webalbum:*:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 19-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
bid 17228
exploit-db 1608
osvdb 24160
secunia 19400
vupen ADV-2006-1108
xf webalbum-skin2-parameter-file-include(25443)
Last major update 19-10-2017 - 01:29
Published 29-03-2006 - 01:06
Back to Top