Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine-gallery vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2014-4612
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery prior to 1.5.27 and 1.6.x prior to 1.6.01 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2015-3921
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery prior to 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2015-3922
Open redirect vulnerability in mode.php in Coppermine Photo Gallery prior to 1.5.36 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2015-3923
Coppermine Photo Gallery prior to 1.5.36 allows remote malicious users to enumerate directories via a full path in the folder parameter to minibrowser.php.
Coppermine-gallery Coppermine Photo Gallery
NA
CVE-2015-6528
Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote malicious users to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) d...
Coppermine-gallery Coppermine Photo Gallery 1.5.36
NA
CVE-2008-7187
Coppermine Photo Gallery (CPG) 1.4.14 allows remote malicious users to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
6.1
CVSSv3
CVE-2018-14478
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
Coppermine-gallery Coppermine Photo Gallery 1.5.46
NA
CVE-2011-3722
Coppermine Photo Gallery (CPG) 1.5.12 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
Coppermine-gallery Coppermine Photo Gallery 1.5.12
NA
CVE-2008-7186
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote malicious users to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2