EUVD-2005-0915

Malware in sbrugna...

EUVD-2006-0734

Malware in sbrugna...

EUVD-2006-0733

Malware in sbrugna...

Malicious code in cpg-nordic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df880f7daa5cac1a2439895b248275f561a037953486a0a89fd2bee0f12e4ce0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2222 Malicious code in cpg-nordic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df880f7daa5cac1a2439895b248275f561a037953486a0a89fd2bee0f12e4ce0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2018-14478

CVE-2018-14478 affects Coppermine Photo Gallery (CPG) 1.5.46. The vulnerability is a reflected cross-site scripting (XSS) in ecard.php, exploitable via parameters sender_name, recipient_email, greetings, or recipient_name. Attack patterns demonstrated in public advisories show injected scripts in...

CVE-2015-6528

Multiple cross-site scripting XSS vulnerabilities in installclassic.php in Coppermine Photo Gallery CPG 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the 1 adminusername, 2 adminpassword, 3 adminemail, 4 dbserver, 5 dbname, 6 dbuser, 7 dbpass, 8 tableprefix, or 9 impath...

CPG Dragonfly 9.0.2 .0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user...

CVE-2011-3722

CVE-2011-3722 affects Coppermine Photo Gallery (CPG) 1.5.12. The issue allows remote attackers to disclose sensitive information by directly requesting certain PHP files, resulting in an error message that reveals the installation path (illustrated by include/inspekt.php and related files). The e...

CVE-2010-4667

CVE-2010-4667 affects Coppermine Photo Gallery (CPG) prior to version 1.4.27. The vulnerability is a Cross-site Scripting (XSS) issue that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The official description notes no specifics on vectors, and the connec...

CVE-2008-7187

The CVE-2008-7187 vulnerability affects Coppermine Photo Gallery (CPG) 1.4.14. A remote attacker can disclose sensitive information by issuing a direct request to include/slideshow.inc.php, which results in an error message that leaks the installation path. The documentation does not provide reme...

CVE-2008-7186

Coppermine Photo Gallery CPG 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504...

CVE-2008-7186

Coppermine Photo Gallery (CPG) 1.4.14 exposes update.php to direct requests, allowing remote attackers to obtain sensitive information such as the database table prefix. This is a local information disclosure issue stemming from improper access restriction, and it may be leveraged in connection w...

CVE-2008-3486

CVE-2008-3486 : In Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, the _data cookie’s serialized data can be crafted to alter the lang parameter, allowing remote attackers to trigger a directory traversal via .. in include/functions.inc.php/upon the lang data being p...

CVE-2008-3481

The CVE-2008-3481 issue affects Coppermine Photo Gallery (CPG) 1.4.18 and earlier. A flaw in themes/sample/theme.php allows remote attackers to reveal the installation path via a crafted direct request, causing information disclosure. The CVSS vectors indicate Network access, low attack complexit...

CVE-2008-1841

CVE-2008-1841 is a database-injection vulnerability in Coppermine Photo Gallery (CPG) 1.4.17 and earlier. It affects the session handling in bridge/coppermine.inc.php, allowing remote attackers to execute arbitrary SQL commands via a field tied to the session_id variable; exploitation was reporte...

CVE-2008-0505

CVE-2008-0505 affects Coppermine Photo Gallery: multiple XSS in docs/showdoc.php before 1.4.15. Attacks inject arbitrary script/HTML via the h and t parameters. Impact is user-visible content tampering; no patch details are provided in the supplied documents. Affected version range and remediatio...

cpg1414-sql.txt

table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1 cpg1410\n"; credits; / FUNCTIONS / if...

CVE-2007-4283

The CVE-2007-4283 entry describes a PHP remote file inclusion vulnerability in Coppermine Photo Gallery (CPG) 1.3.1, specifically in bridge/yabbse.inc.php where an attacker can supply a URL via the sourcedir parameter to execute arbitrary PHP code. Affected software is Coppermine Photo Gallery; t...

CVE-2007-3558

Coppermine Photo Gallery is affected by CVE-2007-3558: versions before 1.4.11 are vulnerable to a SQL injection via the album password cookie. The root cause is lack of sanitization in get_private_album_set in include/functions.inc.php, allowing remote attackers to manipulate database queries. Po...