Lucene search

[email protected]CVE-2015-3922

HistoryMay 27, 2015 - 6:59 p.m.

CVE-2015-3922

2015-05-2718:59:01

[email protected]

web.nvd.nist.gov

cve-2015-3922

open redirect vulnerability

mode.php

coppermine photo gallery

remote attackers

phishing attacks

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter.

Affected configurations

NVD

Node

coppermine-gallerycoppermine_photo_galleryRange≤1.5.34

CPENameOperatorVersion
coppermine-gallery:coppermine_photo_gallerycoppermine-gallery coppermine photo galleryle1.5.34

CPE	Name	Operator	Version
coppermine-gallery:coppermine_photo_gallery	coppermine-gallery coppermine photo gallery	le	1.5.34

References

forum.coppermine-gallery.net/index.php/topic%2C78194.0.html

packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html

www.securityfocus.com/bid/74869

www.securitytracker.com/id/1032558

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

Related for CVE-2015-3922

cvelist1 prion1 nvd1