Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine coppermine photo gallery vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-5888
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) prior to 1.4.14 allows remote malicious users to inject arbitrary web script or HTML via the data parameter.
Coppermine Coppermine Photo Gallery
6.8
CVSSv2
CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval para...
Coppermine Coppermine Photo Gallery
1 EDB exploit
4.3
CVSSv2
CVE-2009-1616
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
Coppermine Coppermine Photo Gallery 1.4.22
1 EDB exploit
5
CVSSv2
CVE-2006-0873
Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and previous versions allows remote malicious users to include arbitrary files via the f parameter, and possibly remote files using UNC share pathnames.
Coppermine Coppermine Photo Gallery 1.4.3
7.5
CVSSv2
CVE-2007-4283
PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter.
Coppermine Coppermine Photo Gallery 1.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-3064
SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote malicious users to execute arbitrary SQL commands via the (1) referer and (2) user-agen...
Coppermine Coppermine Photo Gallery 1.4.8
7.5
CVSSv2
CVE-2006-5622
SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote malicious users to execute arbitrary SQL commands via the aid parameter.
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
7.5
CVSSv2
CVE-2005-1225
SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote malicious users to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.
Coppermine Coppermine Photo Gallery 1.3.2
7.5
CVSSv2
CVE-2006-4321
PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Coppermine Coppermine Photo Gallery 1.0
1 EDB exploit
5
CVSSv2
CVE-2006-1909
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote malicious users to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences...
Coppermine Coppermine Photo Gallery 1.4.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »