CVE-2006-0899

EPSS 18.55%
Veröffentlicht 27.02.2006 19:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

4images ≫ Image Gallery Management System Version <= 1.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	18.55%	0.95

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://retrogod.altervista.org/4images_171_adv.html

http://secunia.com/advisories/19026

Vendor Advisory

http://securityreason.com/securityalert/518

http://www.osvdb.org/23529

http://www.securityfocus.com/archive/1/426468/100/0/threaded

http://www.securityfocus.com/bid/16855

http://www.vupen.com/english/advisories/2006/0754

https://exchange.xforce.ibmcloud.com/vulnerabilities/24938

https://www.exploit-db.com/exploits/1533

https://nvd.nist.gov/vuln/detail/CVE-2006-0899

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0899

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0899

EUVD