Vulnerability Description
Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sanybee Gallery | Sanybee Gallery | 0.1.1 |
Related Weaknesses (CWE)
References
- http://osvdb.org/39784
- http://secunia.com/advisories/28270Vendor Advisory
- http://www.securityfocus.com/bid/27072Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39392
- https://www.exploit-db.com/exploits/4816
- http://osvdb.org/39784
- http://secunia.com/advisories/28270Vendor Advisory
- http://www.securityfocus.com/bid/27072Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39392
- https://www.exploit-db.com/exploits/4816
FAQ
What is CVE-2007-6648?
CVE-2007-6648 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parame...
How severe is CVE-2007-6648?
CVE-2007-6648 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6648?
Check the references section above for vendor advisories and patch information. Affected products include: Sanybee Gallery Sanybee Gallery.