Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-5241

Published: 12/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 515
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Easy Gallery

Vulnerability Summary

Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) file.php; (2) find_user.php, (3) lib_user.php, (4) lib_form_user.php, and (5) user.php in sw/lib_user/; (6) find_session.php and (7) session.php in sw/lib_session/; (8) comment.php and (9) lib_comment.php in sw/lib_comment/; and other unspecified PHP scripts.

Vulnerable Product Search on Vulmon Subscribe to Product

opendock easy gallery

Exploits

Exploit DB: OpenDock Easy Gallery 1.4 - 'doc_directory' File Inclusion
ECHO_ADV_52$2006 ----------------------------------------------------------------------------------------------- [ECHO_ADV_52$2006]OpenDock Easy Gallery <=14 (doc_directory) Multiple Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------------- Author : Dedi Dwiant ...

References

NVD-CWE-Otherhttp://advisories.echo.or.id/adv/adv52-theday-2006.txthttp://www.securityfocus.com/bid/20411http://secunia.com/advisories/22337http://securitytracker.com/id?1017021http://securityreason.com/securityalert/1708http://www.vupen.com/english/advisories/2006/3969https://exchange.xforce.ibmcloud.com/vulnerabilities/29417https://www.exploit-db.com/exploits/2497http://www.securityfocus.com/archive/1/448027/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/2497/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook