Information Disclosure Vulnerability in GPhotos 1.5 by GPhotos
CVE-2006-6248

Currently unrated

Key Information:

Vendor: Gphotos
Status: Gphotos
Vendor: CVE Published:; 4 December 2006

What is CVE-2006-6248?

GPhotos 1.5 contains a vulnerability in the index.php file that allows remote attackers to exploit an invalid 'rep' parameter. This exploitation can lead to sensitive information disclosure, specifically revealing the full filesystem path through error messages. Attackers can utilize this information to enhance their knowledge of the server environment, potentially leading to further attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30390

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/452025/100/200/thr...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/452099/100/200/thr...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2006
Vulnerability Reserved
Dec 3, 2006

CVE-2006-6248 Data

JSON

Gphotos

What is CVE-2006-6248?

References

Timeline