KoschtIT Image Gallery Multiple Directory Traversal Vulnerabilities Network Vulnerability

Summary

This host is running KoschtIT Image Gallery and is prone to multiple Directory Traversal vulnerabilities.

Impact

Successful exploitation will let the attacker execute arbitrary commands to retrieve local system related files and gain sensitive information. Impact Level: Application

Solution

Upgrade to KoschtIT Image Gallery version 2.0 Beta 1 http://koschtit.tabere.net/en

Insight

Improper validation check while processing user supplied input in the file parameter for the files 'ki_makepic.php' and 'ki_nojsdisplayimage.php' under ki_base directory.

Affected

KoschtIT Image Gallery version 1.82 and prior

References

http://en.securitylab.ru/nvd/378734.php
http://koschtit.tabere.net/forum/showthread.php?tid=6

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1510

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
admin.cgi overflow
3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
ApPHP MicroBlog Remote Code Execution Vulnerability

Take action and discover your vulnerabilities