Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2012-1614

Published: 04/09/2012 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Coppermine-gallery

Vulnerability Summary

Coppermine Photo Gallery prior to 1.5.20 allows remote malicious users to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.

Vulnerable Product Search on Vulmon Subscribe to Product

coppermine-gallery coppermine photo gallery 1.4.17

coppermine-gallery coppermine photo gallery 1.5.8

coppermine-gallery coppermine photo gallery 1.4.11

coppermine-gallery coppermine photo gallery 1.4.19

coppermine-gallery coppermine photo gallery 1.4.14

coppermine-gallery coppermine photo gallery 1.2.0

coppermine-gallery coppermine photo gallery 1.4.8

coppermine-gallery coppermine photo gallery 1.2.1

coppermine-gallery coppermine photo gallery 1.4.23

coppermine-gallery coppermine photo gallery 1.4.22

coppermine-gallery coppermine photo gallery 1.4.7

coppermine-gallery coppermine photo gallery 1.4.0

coppermine-gallery coppermine photo gallery 1.5.4

coppermine-gallery coppermine photo gallery 1.4.2

coppermine-gallery coppermine photo gallery 1.4.26

coppermine-gallery coppermine photo gallery 1.4.16

coppermine-gallery coppermine photo gallery 1.5.10

coppermine-gallery coppermine photo gallery 1.4.3

coppermine-gallery coppermine photo gallery 1.2

coppermine-gallery coppermine photo gallery 1.5.14

coppermine-gallery coppermine photo gallery 1.5.6

coppermine-gallery coppermine photo gallery 1.5.16

coppermine-gallery coppermine photo gallery 1.4.15

coppermine-gallery coppermine photo gallery 1.0

coppermine-gallery coppermine photo gallery 1.4.5

coppermine-gallery coppermine photo gallery 1.1

coppermine-gallery coppermine photo gallery 1.3.2

coppermine-gallery coppermine photo gallery 1.4

coppermine-gallery coppermine photo gallery 1.4.4

coppermine-gallery coppermine photo gallery 1.4.21

coppermine-gallery coppermine photo gallery 1.3.4

coppermine-gallery coppermine photo gallery 1.4.20

coppermine-gallery coppermine photo gallery 1.5.12

coppermine-gallery coppermine photo gallery 1.3.3

coppermine-gallery coppermine photo gallery 1.4.9

coppermine-gallery coppermine photo gallery 1.4.12

coppermine-gallery coppermine photo gallery 1.4.27

coppermine-gallery coppermine photo gallery 1.4.13

coppermine-gallery coppermine photo gallery 1.3.1

coppermine-gallery coppermine photo gallery 1.4.10

coppermine-gallery coppermine photo gallery 1.3.5

coppermine-gallery coppermine photo gallery 1.4.6

coppermine-gallery coppermine photo gallery 1.4.1

coppermine-gallery coppermine photo gallery 1.3.0

coppermine-gallery coppermine photo gallery 1.5.1

coppermine-gallery coppermine photo gallery 1.1.0

coppermine-gallery coppermine photo gallery 1.4.24

coppermine-gallery coppermine photo gallery 1.4.25

coppermine-gallery coppermine photo gallery 1.5.2

coppermine-gallery coppermine photo gallery 1.5.3

coppermine-gallery coppermine photo gallery

coppermine-gallery coppermine photo gallery 1.4.18

Exploits

Exploit DB: coppermine 1.5.18 - Multiple Vulnerabilities
[waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1518 ============================================================================== Author: Janek Vind "waraxe" Date: 29 March 2012 Location: Estonia, Tartu Web: wwwwaraxeus/advisory-81html Affected Software: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ...

References

CWE-200http://www.securityfocus.com/bid/52818http://archives.neohapsis.com/archives/bugtraq/2012-03/0167.htmlhttp://www.openwall.com/lists/oss-security/2012/03/30/5http://osvdb.org/80733http://www.exploit-db.com/exploits/18680http://osvdb.org/80732http://osvdb.org/80734http://coppermine.svn.sourceforge.net/viewvc/coppermine/trunk/cpg1.6.x/edit_one_pic.php?r1=8348&r2=8354http://www.openwall.com/lists/oss-security/2012/03/30/6http://packetstormsecurity.org/files/111369/Coppermine-1.5.18-Cross-Site-Scripting-Path-Disclosure.htmlhttp://www.waraxe.us/advisory-81.htmlhttp://www.openwall.com/lists/oss-security/2012/04/03/6http://osvdb.org/80735http://forum.coppermine-gallery.net/index.php/topic%2C74682.0.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/18680/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook