Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine-gallery coppermine photo gallery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3923
Coppermine Photo Gallery prior to 1.5.36 allows remote malicious users to enumerate directories via a full path in the folder parameter to minibrowser.php.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2015-3921
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery prior to 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Coppermine-gallery Coppermine Photo Gallery
6.1
CVSSv3
CVE-2014-4612
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery prior to 1.5.27 and 1.6.x prior to 1.6.01 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2008-7187
Coppermine Photo Gallery (CPG) 1.4.14 allows remote malicious users to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
NA
CVE-2015-6528
Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote malicious users to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) d...
Coppermine-gallery Coppermine Photo Gallery 1.5.36
NA
CVE-2008-7186
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote malicious users to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
NA
CVE-2011-3722
Coppermine Photo Gallery (CPG) 1.5.12 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
Coppermine-gallery Coppermine Photo Gallery 1.5.12
6.1
CVSSv3
CVE-2018-14478
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
Coppermine-gallery Coppermine Photo Gallery 1.5.46
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2