Directory traversal vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter, which is not properly sanitized due to an rtrim function call with the arguments in the wrong order.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-25T10:00:00

Updated: 2024-08-07T17:35:31.291Z

Reserved: 2006-04-25T00:00:00

Link: CVE-2006-1995

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-04-25T12:50:00.000

Modified: 2024-11-21T00:10:16.717

Link: CVE-2006-1995

cve-icon Redhat

No data.