Summary
This host is running KoschtIT Image Gallery and is prone to multiple Directory Traversal vulnerabilities.
Impact
Successful exploitation will let the attacker execute arbitrary commands to retrieve local system-related files and gain sensitive information.
Impact Level: Application
Solution
Upgrade to KoschtIT Image Gallery version 2.0 Beta 1: http://koschtit.tabere.net/en
Insight
The flaws are due to improper validation of user-supplied input passed via the 'file' parameter to 'ki_makepic.php' and 'ki_nojsdisplayimage.php' under the ki_base directory.
Affected
KoschtIT Image Gallery version 1.82 and prior
References
Updated on 2017-03-28
Severity
Classification
- CVE: CVE-2009-1510
- CVSS Base Score: 7.5
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P