CVE-2006-2014 in Sl Siteinfo

Summary

Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to produce resultant XSS from an error message.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

04/25/2006

Disclosure

04/25/2006

Moderation

VulDB entry created

Entries

1: VDB-29887

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.01030

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-2014
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2014
CVE Details	https://www.cvedetails.com/cve/CVE-2006-2014/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!