Skip to main content

CVE-2006-6347

Severity Medium
Score 6.5/10

Summary

Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to upload arbitrary .php files, possibly using admin/index.php. NOTE: this can be leveraged with CVE-2006-1412 to create a remote unauthenticated vector.

  • LOW
  • NETWORK
  • SINGLE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published