CVE-2007-6323

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
13/12/2007
Last modified:
09/04/2025

Description

Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mms_gallery:mms_gallery_php:1.0:*:*:*:*:*:*:*