2 matches found
CVE-2007-3558
SQL injection vulnerability in Coppermine Photo Gallery CPG before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...
CVE-2007-3558
Coppermine Photo Gallery is affected by CVE-2007-3558: versions before 1.4.11 are vulnerable to a SQL injection via the album password cookie. The root cause is lack of sanitization in get_private_album_set in include/functions.inc.php, allowing remote attackers to manipulate database queries. Po...