CVE-2006-7103 - Vulnerability Details - OpenCVE

Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other versions before 1.3.2 Beta, allow remote attackers to (1) determine directory existence via a ".." in the album parameter in a show_album action to (a) ezgallery.php, which produces different responses depending on existence; and read arbitrary image files via a ".." in the album or (2) image parameter to (b) image.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ezonlinegallery	Ezonlinegallery

Configuration 1 [-]

OR	cpe:2.3:a:ezonlinegallery:ezonlinegallery:0.9:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.0:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.1:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.2:beta::::::
	cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.3:beta::::::

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html
http://securityreason.com/securityalert/2362
http://www.ezonlinegallery.com/changelog.txt
http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt
http://www.securityfocus.com/archive/1/449889/100/0/threaded
http://www.securityfocus.com/bid/20763
https://exchange.xforce.ibmcloud.com/vulnerabilities/29835
https://exchange.xforce.ibmcloud.com/vulnerabilities/29836

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-03T21:00:00

Updated: 2024-08-07T20:50:06.111Z

Reserved: 2007-03-03T00:00:00

Link: CVE-2006-7103

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-03-03T21:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-7103

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-26T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other versions before 1.3.2 Beta, allow remote attackers to (1) determine directory existence via a \"..\" in the album parameter in a show_album action to (a) ezgallery.php, which produces different responses depending on existence; and read arbitrary image files via a \"..\" in the album or (2) image parameter to (b) image.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ezonlinegallery.com/changelog.txt"}, {"name": "20763", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20763"}, {"name": "ezonlinegallery-image-directory-traversal(29836)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29836"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/449889/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt"}, {"name": "ezonlinegallery-ezgallery-path-disclosure(29835)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29835"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html"}, {"name": "2362", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2362"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7103", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other versions before 1.3.2 Beta, allow remote attackers to (1) determine directory existence via a \"..\" in the album parameter in a show_album action to (a) ezgallery.php, which produces different responses depending on existence; and read arbitrary image files via a \"..\" in the album or (2) image parameter to (b) image.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.ezonlinegallery.com/changelog.txt", "refsource": "CONFIRM", "url": "http://www.ezonlinegallery.com/changelog.txt"}, {"name": "20763", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20763"}, {"name": "ezonlinegallery-image-directory-traversal(29836)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29836"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/449889/100/0/threaded"}, {"name": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt", "refsource": "MISC", "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt"}, {"name": "ezonlinegallery-ezgallery-path-disclosure(29835)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29835"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html"}, {"name": "2362", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2362"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:50:06.111Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ezonlinegallery.com/changelog.txt"}, {"name": "20763", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20763"}, {"name": "ezonlinegallery-image-directory-traversal(29836)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29836"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/449889/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt"}, {"name": "ezonlinegallery-ezgallery-path-disclosure(29835)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29835"}, {"name": "20061027 MHL-2006-003 Public Advisory: \"ezOnlineGallery\" Multiple Security Issues", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html"}, {"name": "2362", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2362"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7103", "datePublished": "2007-03-03T21:00:00", "dateReserved": "2007-03-03T00:00:00", "dateUpdated": "2024-08-07T20:50:06.111Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ezonlinegallery:ezonlinegallery:0.9:beta:*:*:*:*:*:*", "matchCriteriaId": "09F29E74-B330-4006-A525-16DC7CF10C38", "vulnerable": true}, {"criteria": "cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "81DB3DAA-0206-4A6B-AA4F-F03474CE7E32", "vulnerable": true}, {"criteria": "cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.1:beta:*:*:*:*:*:*", "matchCriteriaId": "59A5DDFE-A6BF-4E17-BF6D-469CFD02215A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.2:beta:*:*:*:*:*:*", "matchCriteriaId": "6037CE73-67C7-4007-A162-C7A0CEC5C294", "vulnerable": true}, {"criteria": "cpe:2.3:a:ezonlinegallery:ezonlinegallery:1.3:beta:*:*:*:*:*:*", "matchCriteriaId": "2F024270-0441-4751-8BCA-A6376E3BB16E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other versions before 1.3.2 Beta, allow remote attackers to (1) determine directory existence via a \"..\" in the album parameter in a show_album action to (a) ezgallery.php, which produces different responses depending on existence; and read arbitrary image files via a \"..\" in the album or (2) image parameter to (b) image.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de escalado de directorio en EZOnlineGallery 1.3 y versiones anteriores y, posiblemente, en otras versiones anteriores a la 1.3.2 Beta, permiten a atacantes remotos (1) determinar la existencia de directorios mediante \"..\" en el par\u00e1metro album de la acci\u00f3n show_album del (a) ezgallery.php, lo que produce diferentes respuestas dependiendo de la existencia; y leer ficheros de im\u00e1genes de su elecci\u00f3n mediante \"..\" en el album o en el par\u00e1metro (2) image en el (b) image.php."}], "id": "CVE-2006-7103", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-03T21:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2362"}, {"source": "cve@mitre.org", "tags": ["URL Repurposed"], "url": "http://www.ezonlinegallery.com/changelog.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/449889/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/20763"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29835"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29836"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050364.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2362"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["URL Repurposed"], "url": "http://www.ezonlinegallery.com/changelog.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-003.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/449889/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/20763"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29835"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29836"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}