CVE-2007-1107
Coppermine Photo Gallery (CPG) 1.3.x is vulnerable to a SQL injection via the cpg131_fav cookie, allowing remote authenticated users to execute arbitrary SQL commands. The issue was later reported to affect 1.4.x versions (e.g., 1.4.10, 1.4.14) using similar cookies. A Nessus entry additionally n...