6.5
CVE-2006-0587
- EPSS 2.68%
- Veröffentlicht 08.02.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gallery Project ≫ Gallery Version1.3.4
Gallery Project ≫ Gallery Version1.4
Gallery Project ≫ Gallery Version1.4.1
Gallery Project ≫ Gallery Version1.4.2
Gallery Project ≫ Gallery Version1.4.3_pl1
Gallery Project ≫ Gallery Version1.4.3_pl2
Gallery Project ≫ Gallery Version1.4.4_pl2
Gallery Project ≫ Gallery Version1.4.4_pl3
Gallery Project ≫ Gallery Version1.4.4_pl4
Gallery Project ≫ Gallery Version1.4.4_pl5
Gallery Project ≫ Gallery Version1.4_pl1
Gallery Project ≫ Gallery Version1.4_pl2
Gallery Project ≫ Gallery Version1.5
Gallery Project ≫ Gallery Version1.5.1
Gallery Project ≫ Gallery Version1.5.1_rc2
Gallery Project ≫ Gallery Version1.5.2_rc2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.68% | 0.838 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2006-02/0224.html
http://archives.neohapsis.com/archives/bugtraq/2006-02/0286.html
http://gallery.menalto.com/gallery_1_5_2_pl2_security_release
http://secunia.com/advisories/18735
http://securitytracker.com/id?1015641
http://www.digitalarmaments.com/2006140293402395.html
http://www.osvdb.org/22944
http://www.osvdb.org/23256
http://www.securityfocus.com/bid/16533
https://exchange.xforce.ibmcloud.com/vulnerabilities/24538
https://exchange.xforce.ibmcloud.com/vulnerabilities/24768