CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Duda: >> Webalbum Security Vulnerabilities

CVE-2006-1480

Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter.

CVSS Score

5.1

EPSS Score

0.062

Published

2006-03-29

Page 1

Vulnerabilities

Vulnerable Software

Duda: >> Webalbum Security Vulnerabilities

Products

Pricing

Contact Us