2 matches found
CVE-2008-1840
SQL injection vulnerability in upload.php in Coppermine Photo Gallery CPG 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload...
Sql injection
SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery CPG 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the sessionid variable, as exploited in the wild in April...