CVE-2006-6119

Properties

Published:
25.11.2006
Updated:
26.02.2008
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Product:
mmgallery: mmgallery

Vulnerability description

mmgallery 1.55 allows remote attackers to obtain sensitive information via a direct request for thumbs.php, which reveals the installation path in various error messages.

References:

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/452558/100/0/threaded
SECTRACK: http://securitytracker.com/id?1017283
SECUNIA: http://secunia.com/advisories/23130
SREASON: http://securityreason.com/securityalert/1917