Vulnerabilities

CVE-2006-1128

by Fred · 09/03/2006

Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.

Date published : 2006-03-09

http://www.securityfocus.com/bid/16948

http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html

Similar

Tags: Cybersecurity Alert