PT-2006-6042 · Unknown · Album Photo Sans Nom

Darkfig

Publicado

2006-10-17

Atualizado

2018-10-17

CVE-2006-5320

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Album Photo Sans Nom version 1.6

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved via the img parameter in the "getimg.php" file.

Recommendations For Album Photo Sans Nom version 1.6, consider restricting access to the "getimg.php" file until a patch is available. As a temporary workaround, avoid using the img parameter in the affected API endpoint until the issue is resolved.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-5320

Produtos afetados

Album Photo Sans Nom

PT-2006-6042 · Unknown · Album Photo Sans Nom

CVE-2006-5320

Identificadores relacionados

Produtos afetados

Referências · 10