Vulnerabilities > CVE-2001-0900 - Directory Traversal vulnerability in Bharat Mediratta Gallery

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

francisco-burzi

nessus

exploit available

NVD

Published: 2001-11-18

Updated: 2017-10-10

Summary

Directory traversal vulnerability in modules.php in Gallery before 1.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the include parameter.

Vulnerable Configurations

Part	Description	Count
Application	Francisco_Burzi Francisco Burzi Gallery *	1

Exploit-Db

description	Bharat Mediratta Gallery 1.1/1.2 Directory Traversal Vulnerability. CVE-2001-0900. Webapps exploit for php platform
id	EDB-ID:21157
last seen	2016-02-02
modified	2001-11-19
published	2001-11-19
reporter	Cabezon Aurelien
source	https://www.exploit-db.com/download/21157/
title	bharat mediratta gallery 1.1/1.2 - Directory Traversal Vulnerability

Nessus

NASL family	CGI abuses
NASL id	PHP_NUKE_GALLERYADDON.NASL
description	The remote PHP-Nuke service has a version of the
last seen	2020-06-01
modified	2020-06-02
plugin id	10810
published	2001-11-25
reporter	This script is Copyright (C) 2001-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10810
title	PHP-Nuke Gallery Add-on modules.php include Parameter Traversal Arbitrary File Access

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References