PT-2006-2998 · Sl Site · Sl Site

Published 2006-04-25 · Updated 2017-07-20 · CVE-2006-2014

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: SL site version 1.0

Description: A directory traversal issue exists due to improper handling of the rep parameter in gallerie.php, allowing remote attackers to list images in arbitrary directories by using ".." sequences. This could potentially lead to resultant XSS from an error message.

Recommendations: For SL site version 1.0, as a temporary workaround, consider restricting access to the gallerie.php file until a proper fix is applied, and avoid using the rep parameter in a way that could facilitate directory traversal attacks.
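
One way to constrain a directory parameter such as rep and to encode the error output, written in PHP as an added example; it is not SL site's code, which this page does not show. GALLERY_ROOT, resolve_gallery_dir() and list_images() are hypothetical names, and the image root location is an assumption.

```php
<?php
// Added example: hypothetical hardened handling of a "rep"-style parameter.
// GALLERY_ROOT and both function names are illustrative, not from SL site.
const GALLERY_ROOT = __DIR__ . '/galleries';   // assumed image root

// Returns the canonical directory for $rep, or null if it is missing or outside $root.
function resolve_gallery_dir(string $rep, string $root = GALLERY_ROOT): ?string
{
    $rootReal = realpath($root);
    if ($rootReal === false || strpos($rep, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks, so the containment test
    // below is made on the path the filesystem would actually open.
    $target = realpath($rootReal . DIRECTORY_SEPARATOR . $rep);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    $prefix = rtrim($rootReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $rootReal && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;   // resolved path escaped the gallery root
    }
    return $target;
}

function list_images(string $dir): array
{
    $out = [];
    foreach (scandir($dir) ?: [] as $name) {
        if (preg_match('/\.(jpe?g|png|gif)$/i', $name) && is_file("$dir/$name")) {
            $out[] = $name;
        }
    }
    return $out;
}

$rep = isset($_GET['rep']) && is_string($_GET['rep']) ? $_GET['rep'] : '';
$dir = resolve_gallery_dir($rep);
if ($dir === null) {
    http_response_code(404);
    // Encode request-derived text before echoing it into the error page.
    echo 'Gallery not found: ' . htmlspecialchars($rep, ENT_QUOTES, 'UTF-8');
    exit;
}
foreach (list_images($dir) as $img) {
    echo htmlspecialchars($img, ENT_QUOTES, 'UTF-8'), "<br>\n";
}
```

The containment check compares against the root with a trailing separator so that a sibling directory whose name merely starts with the root's name is rejected.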


Related Identifiers

CVE-2006-2014

Affected Products

Sl Site