CVE-2006-1219

Gallery <2.0.3 - Path Traversal

Description

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rgod · php · webapps · php
https://www.exploit-db.com/exploits/1566

Scores

EPSS 0.1028
EPSS Percentile 93.2%

Details

Status published
Products (14)
gallery_project/gallery 2.0
gallery_project/gallery 2.0.1
gallery_project/gallery 2.0.2
gallery_project/gallery 2.0.3
gallery_project/gallery 2.0_alpha
gallery_project/gallery 2.0_alpha1
gallery_project/gallery 2.0_alpha2
gallery_project/gallery 2.0_alpha3
gallery_project/gallery 2.0_alpha4
gallery_project/gallery 2.0_beta1
... and 4 more
Published Mar 14, 2006
Tracked Since Feb 18, 2026