CVE-2006-0873 — Photo Gallery vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 25.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Coppermine Photo Gallery

Timeline

PublishedFeb 24

Latest updateMay 1

Description

Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and earlier allows remote attackers to include arbitrary files via the f parameter, and possibly remote files using UNC share pathnames.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcoppermine/coppermine_photo_gallery1.4.3

Patches

Patch: coppermine-gallery.net ↗Patch: coppermine-gallery.net ↗

🔴Vulnerability Details

GHSA

GHSA-wg66-7h48-rjc8: Absolute path traversal vulnerability in docs/showdocs↗2022-05-01

▶

CVEList

CVE-2006-0873: Absolute path traversal vulnerability in docs/showdocs↗2006-02-24

▶