What is the severity of CVE-2006-1126?

CVE-2006-1126 is considered a mediumSeverity vulnerability as it allows attackers to spoof their IP addresses.

How do I fix CVE-2006-1126?

To fix CVE-2006-1126, upgrade Gallery to version 2.0.3 or later, which addresses this vulnerability.

What software is affected by CVE-2006-1126?

CVE-2006-1126 affects Gallery versions up to 2.0.2.

What types of attacks can CVE-2006-1126 lead to?

CVE-2006-1126 can lead to IP address spoofing attacks, allowing unauthorized access or manipulation of user sessions.

Is there a known exploit for CVE-2006-1126?

Yes, CVE-2006-1126 can be exploited by sending maliciously crafted HTTP requests with a spoofed X-Forwarded-For header.

Vulnerability/
CVE-2006-1126

medium

6.4

CWE

NVD-CWE-Other

9/3/2006

7/8/2024

CVE-2006-1126

First published: Thu Mar 09 2006(Updated: )

Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GalleryCMS	=2.0.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-1126?
CVE-2006-1126 is considered a mediumSeverity vulnerability as it allows attackers to spoof their IP addresses.
How do I fix CVE-2006-1126?
To fix CVE-2006-1126, upgrade Gallery to version 2.0.3 or later, which addresses this vulnerability.
What software is affected by CVE-2006-1126?
CVE-2006-1126 affects Gallery versions up to 2.0.2.
What types of attacks can CVE-2006-1126 lead to?
CVE-2006-1126 can lead to IP address spoofing attacks, allowing unauthorized access or manipulation of user sessions.
Is there a known exploit for CVE-2006-1126?
Yes, CVE-2006-1126 can be exploited by sending maliciously crafted HTTP requests with a spoofed X-Forwarded-For header.

agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/references
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/gallery project
canonical/gallerycms
version/gallerycms/2.0.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2006-1126

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-1126?

How do I fix CVE-2006-1126?

What software is affected by CVE-2006-1126?

What types of attacks can CVE-2006-1126 lead to?

Is there a known exploit for CVE-2006-1126?

Company

Resources

Contact