exploitDog

GHSA-723j-cqwr-hrh8

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

Ссылки

EPSS

Процентиль: 92%

0.10277

Средний

CVE ID

Связанные уязвимости

CVE-2006-1219

ubuntu

больше 19 лет назад

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

CVE-2006-1219

nvd

больше 19 лет назад

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

CVE-2006-1219

debian

больше 19 лет назад

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2. ...

EPSS

Процентиль: 92%

0.10277

Средний

CVE ID