Coppermine Photo Gallery@1.4.8 Security Vulnerabilities and Issues — Coppermine Photo Gallery@1.4.8 CVE List

Lucene search

CoppermineCoppermine Photo Gallery1.4.8

3 matches found

CVE•added 2008/04/16 5:5 p.m.•41 views

CVE-2008-1841

SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the session_id variable, as exploited in the wild in April...

6.8CVSS8.4AI score0.00566EPSS

CVE•added 2006/06/19 10:2 a.m.•38 views

CVE-2006-3064

SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) referer and (2) user-agent HTTP headers.

7.5CVSS8.8AI score0.00603EPSS

CVE•added 2008/04/16 5:5 p.m.•27 views

CVE-2008-1840

SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.

6.5CVSS7.9AI score0.00515EPSS