CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gallery Project: >> Gallery >> 2.0.3 Security Vulnerabilities

CVE-2006-1219

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

CVSS Score

5.0

EPSS Score

0.103

Published

2006-03-14

Page 1

Vulnerabilities

Vulnerable Software

Gallery Project: >> Gallery >> 2.0.3 Security Vulnerabilities

Products

Pricing

Contact Us