CVE-2007-0329

Joonas Viljanen Jv2 Folder Gallery - Path Traversal

Title source: rule

Description

download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED

by PeTrO · cwebappsphp

https://www.exploit-db.com/exploits/3125

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/23724

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/0180

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3125

[Third Party Advisory, VDB Entry] http://osvdb.org/32811

Scores

EPSS 0.0703

EPSS Percentile 91.5%

Details

Status published

Products (1)

joonas_viljanen/jv2_folder_gallery

Published Jan 18, 2007

Tracked Since Feb 18, 2026