Unrated severityNVD Advisory· Published Feb 27, 2006· Updated Apr 16, 2026

CVE-2006-0899

Description

Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.

Affected products

4images/Image Gallery Management System
cpe:2.3:a:4images:image_gallery_management_system:*:*:*:*:*:*:*:*
Range: <=1.7.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19026nvdVendor Advisory
retrogod.altervista.org/4images_171_adv.htmlnvd
securityreason.com/securityalert/518nvd
www.osvdb.org/23529nvd
www.securityfocus.com/archive/1/426468/100/0/threadednvd
www.securityfocus.com/bid/16855nvd
www.vupen.com/english/advisories/2006/0754nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24938nvd
www.exploit-db.com/exploits/1533nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000