Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
References
Link | Resource |
---|---|
http://dipper.info/security/20051012/ | Exploit Vendor Advisory |
http://gallery.menalto.com/gallery_2.0.1_released | Patch |
http://secunia.com/advisories/17205 | |
http://securityreason.com/securityalert/88 | |
http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-10-17 20:06
Updated : 2024-02-28 10:42
NVD link : CVE-2005-3251
Mitre link : CVE-2005-3251
CVE.ORG link : CVE-2005-3251
JSON object : View
Products Affected
gallery_project
- gallery
CWE