exploitDog

CVE-2006-5205

Опубликовано: 10 окт. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in Invision Gallery 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the dir parameter in (1) index.php and (2) forum/index.php, when the viewimage command in the gallery module is used.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:invision_power_services:invision_gallery:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:invision_power_services:invision_gallery:1.3:*:*:*:*:*:*:*

cpe:2.3:a:invision_power_services:invision_gallery:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:invision_power_services:invision_gallery:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:invision_power_services:invision_gallery:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:invision_power_services:invision_gallery:2.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05285

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rfx4-v9xq-8cgh

github

почти 4 года назад

Directory traversal vulnerability in Invision Gallery 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the dir parameter in (1) index.php and (2) forum/index.php, when the viewimage command in the gallery module is used.

EPSS

Процентиль: 90%

0.05285

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other