Vulnerability CVE-2004-1407


Published: 2004-12-31   Modified: 2012-02-12

Description:
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Singapore -> Image gallery web application 

 References:
http://www.securityfocus.com/bid/11990
http://xforce.iss.net/xforce/xfdb/18532
http://xforce.iss.net/xforce/xfdb/18528
http://www.security.org.sg/vuln/singapore0910.html
http://marc.theaimsgroup.com/?l=bugtraq&m=110323479715051&w=2

Copyright 2024, cxsecurity.com

 

Back to Top