Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fsphpgallery | Fsphpgallery | 0.2 (including) | 0.2 (including) |
| Fsphpgallery | Fsphpgallery | 0.3.1 (including) | 0.3.1 (including) |
| Fsphpgallery | Fsphpgallery | 1.0.1 (including) | 1.0.1 (including) |
| Fsphpgallery | Fsphpgallery | 1.1 (including) | 1.1 (including) |
References
- http://gallery.devrandom.org.uk/cgi-bin/viewcvs.cgi/fsphpgallery/ChangeLog?rev=HEAD\u0026amp%3Bcontent-type=text/vnd.viewcvs-markup
- http://secunia.com/advisories/13074
- http://securitytracker.com/id?1012063
- http://www.osvdb.org/11378
- http://www.securityfocus.com/bid/11594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17950
- http://gallery.devrandom.org.uk/cgi-bin/viewcvs.cgi/fsphpgallery/ChangeLog?rev=HEAD\u0026amp%3Bcontent-type=text/vnd.viewcvs-markup
- http://secunia.com/advisories/13074
- http://securitytracker.com/id?1012063
- http://www.osvdb.org/11378
- http://www.securityfocus.com/bid/11594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17950