Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1616
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
Coppermine Coppermine Photo Gallery 1.4.22
1 EDB exploit
5
CVSSv2
CVE-2006-0872
Directory traversal vulnerability in init.inc.php in Coppermine Photo Gallery 1.4.3 and previous versions allows remote malicious users to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the lang parameter.
Coppermine Coppermine Photo Gallery 1.4.3
7.5
CVSSv2
CVE-2006-5622
SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote malicious users to execute arbitrary SQL commands via the aid parameter.
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
7.5
CVSSv2
CVE-2006-4321
PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Coppermine Coppermine Photo Gallery 1.0
1 EDB exploit
3.5
CVSSv2
CVE-2015-3921
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery prior to 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Coppermine-gallery Coppermine Photo Gallery
5.8
CVSSv2
CVE-2015-3922
Open redirect vulnerability in mode.php in Coppermine Photo Gallery prior to 1.5.36 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter.
Coppermine-gallery Coppermine Photo Gallery
5
CVSSv2
CVE-2015-3923
Coppermine Photo Gallery prior to 1.5.36 allows remote malicious users to enumerate directories via a full path in the folder parameter to minibrowser.php.
Coppermine-gallery Coppermine Photo Gallery
7.5
CVSSv2
CVE-2007-4283
PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter.
Coppermine Coppermine Photo Gallery 1.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-1225
SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote malicious users to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.
Coppermine Coppermine Photo Gallery 1.3.2
5
CVSSv2
CVE-2008-7186
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote malicious users to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »