Coppermine Photo Gallery@1.3 Security Vulnerabilities and Issues — Coppermine Photo Gallery@1.3 CVE List

Lucene search

CoppermineCoppermine Photo Gallery1.3

5 matches found

CVE•added 2007/02/26 5:28 p.m.•45 views

CVE-2007-1107

SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. NOTE: it was later reported that 1.4.10, 1.4.14, and other 1.4.x versions are also affected using similar cookies.

7.5CVSS7.9AI score0.02369EPSS

CVE•added 2005/05/02 4:0 a.m.•41 views

CVE-2005-1172

Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter.

4.3CVSS5.6AI score0.00346EPSS

CVE•added 2006/05/22 10:2 p.m.•40 views

CVE-2006-2514

Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.

7.5CVSS6.8AI score0.00741EPSS

CVE•added 2005/08/23 4:0 a.m.•39 views

CVE-2005-2676

Cross-site scripting (XSS) vulnerability in displayimage.php in Coppermine Photo Gallery before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via EXIF data.

4.3CVSS5.7AI score0.00346EPSS

CVE•added 2007/01/09 2:28 a.m.•39 views

CVE-2007-0122

Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and ...

6.5CVSS8.2AI score0.01631EPSS