Vulnerability Description
index.php in w00t Gallery 1.4.0 allows remote authenticated users with privileges for one installation to gain access to other installations on the same web server, aka "multi-gallery admin session spanning." NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| W00T Gallery | W00T Gallery | 1.4.0 |
References
- http://secunia.com/advisories/23383PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=471109Patch
- http://www.securityfocus.com/bid/21590
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30886
- http://secunia.com/advisories/23383PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=471109Patch
- http://www.securityfocus.com/bid/21590
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30886
FAQ
What is CVE-2006-6616?
CVE-2006-6616 is a vulnerability with a CVSS score of 6.0 (MEDIUM). index.php in w00t Gallery 1.4.0 allows remote authenticated users with privileges for one installation to gain access to other installations on the same web server, aka "multi-gallery admin session sp...
How severe is CVE-2006-6616?
CVE-2006-6616 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6616?
Check the references section above for vendor advisories and patch information. Affected products include: W00T Gallery W00T Gallery.