Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine coppermine photo gallery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0115
Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be acce...
Coppermine Coppermine Photo Gallery
NA
CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval para...
Coppermine Coppermine Photo Gallery
1 EDB exploit
NA
CVE-2006-0873
Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and previous versions allows remote malicious users to include arbitrary files via the f parameter, and possibly remote files using UNC share pathnames.
Coppermine Coppermine Photo Gallery 1.4.3
NA
CVE-2006-3064
SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote malicious users to execute arbitrary SQL commands via the (1) referer and (2) user-agen...
Coppermine Coppermine Photo Gallery 1.4.8
NA
CVE-2006-6123
Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote malicious users to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critica...
Coppermine Coppermine Photo Gallery 1.4.8 Stable
NA
CVE-2006-1909
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote malicious users to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences...
Coppermine Coppermine Photo Gallery 1.4.4
1 EDB exploit
NA
CVE-2005-1226
Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote malicious users to obtain sensitive information.
Coppermine Coppermine Photo Gallery 1.3.2
NA
CVE-2009-1616
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
Coppermine Coppermine Photo Gallery 1.4.22
1 EDB exploit
NA
CVE-2006-0872
Directory traversal vulnerability in init.inc.php in Coppermine Photo Gallery 1.4.3 and previous versions allows remote malicious users to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the lang parameter.
Coppermine Coppermine Photo Gallery 1.4.3
NA
CVE-2006-5622
SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote malicious users to execute arbitrary SQL commands via the aid parameter.
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »