CVE-2006-6185

Wabbit PHP Gallery 0.9 - Directory Traversal via Dir Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6185. PoCs published by the_Edit0r.

AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in Wabbit PHP Gallery, allowing attackers to read arbitrary files by manipulating the 'dir' parameter. No actual exploit code is present, only a description and example URL.

Description

Directory traversal vulnerability in script.php in Wabbit PHP Gallery 0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by the_Edit0r · textwebappsphp

https://www.exploit-db.com/exploits/29145

View Code ZIP pw:eip

The provided text describes a directory traversal vulnerability in Wabbit PHP Gallery, allowing attackers to read arbitrary files by manipulating the 'dir' parameter. No actual exploit code is present, only a description and example URL.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Wabbit PHP Gallery (version unspecified)

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK