Description
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by LiquidWorm · textwebappsphp
https://www.exploit-db.com/exploits/18827
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5086.php
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18827
Scores
EPSS
0.0688
EPSS Percentile
91.4%
Details
CWE
CWE-200
Status
published
Products (12)
babygekko/baby_gekko
0.90
babygekko/baby_gekko
0.91
babygekko/baby_gekko
0.98 alpha
babygekko/baby_gekko
0.99 beta
babygekko/baby_gekko
1.0.0
babygekko/baby_gekko
1.0.1
babygekko/baby_gekko
1.1.0
babygekko/baby_gekko
1.1.1
babygekko/baby_gekko
1.1.2
babygekko/baby_gekko
1.1.3
... and 2 more
Published
Jul 03, 2012
Tracked Since
Feb 18, 2026