CVE-2006-1128

Gallery 2 <2.0.2 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/43837

View Code ZIP pw:eip

References (9)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html

[Patch, Vendor Advisory] http://secunia.com/advisories/19104

[Patch] http://securitytracker.com/id?1015717

[Various Sources] http://gallery.menalto.com/gallery_2.0.3_released

[Various Sources] http://www.gulftech.org/?node=research&article_id=00106-03022006

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/16948

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25118

[Third Party Advisory, VDB Entry] http://www.osvdb.org/23597

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0813

Scores

EPSS 0.1103

EPSS Percentile 93.5%

Details

Status published

Products (11)

gallery_project/gallery 2.0

gallery_project/gallery 2.0.1

gallery_project/gallery 2.0.2

gallery_project/gallery 2.0_alpha

gallery_project/gallery 2.0_alpha1

gallery_project/gallery 2.0_alpha2

gallery_project/gallery 2.0_alpha3

gallery_project/gallery 2.0_alpha4

gallery_project/gallery 2.0_beta1

gallery_project/gallery 2.0_beta2

... and 1 more

Published Mar 09, 2006

Tracked Since Feb 18, 2026