Vulnerability Details CVE-2006-5320
Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.157
EPSS Ranking 94.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://acid-root.new.fr/poc/13061007.txt
- http://secunia.com/advisories/22375
- http://www.attrition.org/pipermail/vim/2006-December/001193.html
- http://www.osvdb.org/29673
- http://www.securityfocus.com/archive/1/448096/100/0/threaded
- http://www.securityfocus.com/bid/20441
- http://www.vupen.com/english/advisories/2006/4008
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29473
- https://www.exploit-db.com/exploits/2507
- http://acid-root.new.fr/poc/13061007.txt
- http://secunia.com/advisories/22375
- http://www.attrition.org/pipermail/vim/2006-December/001193.html
- http://www.osvdb.org/29673
- http://www.securityfocus.com/archive/1/448096/100/0/threaded
- http://www.securityfocus.com/bid/20441
- http://www.vupen.com/english/advisories/2006/4008
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29473
- https://www.exploit-db.com/exploits/2507
Products affected by CVE-2006-5320
-
cpe:2.3:a:morian:album_photo_sans_nom:1.6