CVE-2006-0899

EPSS 18.55%
Published 27.02.2006 19:06:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

4images ≫ Image Gallery Management System Version <= 1.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	18.55%	0.95

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://retrogod.altervista.org/4images_171_adv.html

http://secunia.com/advisories/19026

Vendor Advisory

http://securityreason.com/securityalert/518

http://www.osvdb.org/23529

http://www.securityfocus.com/archive/1/426468/100/0/threaded

http://www.securityfocus.com/bid/16855

http://www.vupen.com/english/advisories/2006/0754

https://exchange.xforce.ibmcloud.com/vulnerabilities/24938

https://www.exploit-db.com/exploits/1533

https://nvd.nist.gov/vuln/detail/CVE-2006-0899

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0899

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0899

EUVD