Directory Traversal Vulnerability in GPhotos by GPhotos
CVE-2006-2398

Currently unrated

Key Information:

Vendor

Gphotos

Status
Gphotos
Vendor
CVE Published:
16 May 2006

What is CVE-2006-2398?

The directory traversal vulnerability found in GPhotos versions 1.5 and earlier allows unauthorized remote attackers to access arbitrary files on the server. This exploitation occurs through crafted parameters in the request, particularly allowing attackers to use '../' sequences to navigate the file system. Such access can lead to sensitive information exposure, making it critical for users to apply the necessary security measures to protect against potential breaches.

References

http://www.securityfocus.com/bid/17967
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2006/1806
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/20095
third-party-advisoryx_refsource_SECUNIA

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.