2 matches found
FreeBSD : coppermine -- multiple vulnerabilities (12488805-6773-11dc-8be8-02e0185f8d72)
The coppermine development team reports two vulnerabilities with the coppermine application. These vulnerabilities are caused by improper checking of the log variable in 'viewlog.php' and improper checking of the referer variable in 'mode.php'. This could allow local file inclusion, potentially...
CVE-2007-4977
CVE-2007-4977 concerns Coppermine Photo Gallery (CPG) prior to (and including) 1.4.12. The issue is an XSS in mode.php via the referer parameter, as described in the CVE entry and echoed in connected reports. The root cause is improper checking of the referer variable in mode.php, enabling inject...