Vulnerability Details CVE-2005-3251
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 77.0%
CVSS Severity
CVSS v2 Score 6.4
References
- http://dipper.info/security/20051012/
- http://gallery.menalto.com/gallery_2.0.1_released
- http://secunia.com/advisories/17205
- http://securityreason.com/securityalert/88
- http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html
- http://dipper.info/security/20051012/
- http://gallery.menalto.com/gallery_2.0.1_released
- http://secunia.com/advisories/17205
- http://securityreason.com/securityalert/88
- http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html
Products affected by CVE-2005-3251
-
cpe:2.3:a:gallery_project:gallery:2.0
-
cpe:2.3:a:gallery_project:gallery:2.0_alpha1
-
cpe:2.3:a:gallery_project:gallery:2.0_alpha2
-
cpe:2.3:a:gallery_project:gallery:2.0_alpha3
-
cpe:2.3:a:gallery_project:gallery:2.0_alpha4
-
cpe:2.3:a:gallery_project:gallery:2.0_beta1
-
cpe:2.3:a:gallery_project:gallery:2.0_beta2
-
cpe:2.3:a:gallery_project:gallery:2.0_beta3