Описание
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
Ссылки
- ExploitVendor Advisory
- Patch
- Vendor Advisory
- ExploitVendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gallery_project:gallery:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_alpha1:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_alpha2:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_alpha3:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_alpha4:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:gallery_project:gallery:2.0_beta3:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01598
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 20 лет назад
Directory traversal vulnerability in the gallery script in Gallery 2.0 ...
github
больше 3 лет назад
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
EPSS
Процентиль: 81%
0.01598
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other