Published: 31/01/2008 Updated: 15/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
coppermine coppermine photo gallery

## # $Id: coppermine_piceditorrb 9671 2010-07-03 06:21:31Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

CWE-20 http://coppermine-gallery.net/forum/index.php?topic=50103.0 http://www.securityfocus.com/bid/27512 http://secunia.com/advisories/28682 http://www.waraxe.us/advisory-65.html http://www.securitytracker.com/id?1019286 http://www.vupen.com/english/advisories/2008/0367 https://www.exploit-db.com/exploits/5019 http://www.securityfocus.com/archive/1/487310/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16909/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0506

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect