CVE-2006-7103

Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other versions before 1.3.2 Beta, allow remote attackers to (1) determine directory existence via a ".." in the album parameter in a show_album action to (a) ezgallery.php, which produces different responses depending on existence; and read arbitrary image files via a ".." in the album or (2) image parameter to (b) image.php.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html
http://securityreason.com/securityalert/2362
http://www.ezonlinegallery.com/changelog.txt	URL Repurposed
http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt	Exploit Patch
http://www.securityfocus.com/archive/1/449889/100/0/threaded
http://www.securityfocus.com/bid/20763	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29835
https://exchange.xforce.ibmcloud.com/vulnerabilities/29836
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html
http://securityreason.com/securityalert/2362
http://www.ezonlinegallery.com/changelog.txt	URL Repurposed
http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt	Exploit Patch
http://www.securityfocus.com/archive/1/449889/100/0/threaded
http://www.securityfocus.com/bid/20763	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29835
https://exchange.xforce.ibmcloud.com/vulnerabilities/29836

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ezonlinegallery:ezonlinegallery:0.9:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.0:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.1:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.2:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.3:beta::::::

History

21 Nov 2024, 00:24

Type	Values Removed	Values Added
References	~~() http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html -~~	() http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html -
References	~~() http://securityreason.com/securityalert/2362 -~~	() http://securityreason.com/securityalert/2362 -
References	~~() http://www.ezonlinegallery.com/changelog.txt - URL Repurposed~~	() http://www.ezonlinegallery.com/changelog.txt - URL Repurposed
References	~~() http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt - Exploit, Patch~~	() http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt - Exploit, Patch
References	~~() http://www.securityfocus.com/archive/1/449889/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/449889/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/20763 - Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/20763 - Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/29835 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/29835 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/29836 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/29836 -

14 Feb 2024, 01:17

Type	Values Removed	Values Added
References	~~() http://www.ezonlinegallery.com/changelog.txt -~~	() http://www.ezonlinegallery.com/changelog.txt - URL Repurposed

Information

Published : 2007-03-03 21:19

Updated : 2024-11-21 00:24

NVD link : CVE-2006-7103

Mitre link : CVE-2006-7103

CVE.ORG link : CVE-2006-7103

JSON object : View

Products Affected

ezonlinegallery

ezonlinegallery

CWE

NVD-CWE-Other

6.4 /10