Security Advisory

CVE-2010-4406

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-12-04 23:00:00

Last updated 2024-08-07 03:43:14

Assigner mitre

State PUBLISHED

Description

Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.

← Browse all CVEs View on cve.org ↗