Coppermine Photo Gallery 1.4.x mode.php referer Parameter XSS

ID SSV:83969
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Coppermine Photo Gallery is prone to a cross-site scripting issue and a local file-include issue.

Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary code, and retrieve arbitrary content within the context of the webserver process.

Coppermine Photo Gallery 1.4.12 is vulnerable; other versions may also be affected.