Vulnerabilities > CVE-2007-0329 - Directory Traversal vulnerability in Jv2 Folder Gallery
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | JV2 Folder Gallery 3.0 (download.php) Remote File Disclosure Exploit. CVE-2007-0329. Webapps exploit for php platform |
| file | exploits/php/webapps/3125.c |
| id | EDB-ID:3125 |
| last seen | 2016-01-31 |
| modified | 2007-01-14 |
| platform | php |
| port | |
| published | 2007-01-14 |
| reporter | PeTrO |
| source | https://www.exploit-db.com/download/3125/ |
| title | JV2 Folder Gallery 3.0 - download.php Remote File Disclosure Exploit |
| type | webapps |