CVE-2008-1730

ARWScripts Gallery Script Lite - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by JIKO · textwebappsphp

https://www.exploit-db.com/exploits/5419

View Code ZIP pw:eip

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/44253

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5419

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29746

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/41742

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/28718

Scores

EPSS 0.0451

EPSS Percentile 89.2%

Details

CWE

CWE-22

Status published

Products (1)

arwscripts/gallery_script_lite

Published Apr 11, 2008

Tracked Since Feb 18, 2026