Vulnerability Description
sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Paul Griffin | Simple Php Gallery | 1.1 |
References
- http://securityreason.com/securityalert/1967
- http://www.securityfocus.com/archive/1/452555/100/100/threaded
- http://www.securityfocus.com/archive/1/455359/100/0/threaded
- http://securityreason.com/securityalert/1967
- http://www.securityfocus.com/archive/1/452555/100/100/threaded
- http://www.securityfocus.com/archive/1/455359/100/0/threaded
FAQ
What is CVE-2006-6273?
CVE-2006-6273 is a vulnerability with a CVSS score of 7.5 (HIGH). sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message.
How severe is CVE-2006-6273?
CVE-2006-6273 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6273?
Check the references section above for vendor advisories and patch information. Affected products include: Paul Griffin Simple Php Gallery.