1. CVE-Search
  2. CVE-2006-3194
ID CVE-2006-3194
Summary Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:singapore:singapore:0.9.1_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.1_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.2_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.2_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.3_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.3_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.4_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.4_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.5_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.5_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.6_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.6_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.7_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.7_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.8_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.8_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.9a_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.9a_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.9b_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.9b_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.10_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.10_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.11_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.11_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9a_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9a_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.10.0:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 18-10-2018 - 16:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid 18518
bugtraq 20060618 singapore gallery <= 0.10.0 Multiple Vulnerabilities
secunia 20724
sreason 1135
vupen ADV-2006-2457
xf singapore-index-directory-traversal(27325)
Last major update 18-10-2018 - 16:46
Published 23-06-2006 - 00:02
Last modified 18-10-2018 - 16:46
Back to Top