Vulnerabilities > CVE-2006-6347 - File-Upload vulnerability in TFT Gallery
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to upload arbitrary .php files, possibly using admin/index.php. NOTE: this can be leveraged with CVE-2006-1412 to create a remote unauthenticated vector.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |