Vulnerabilities > CVE-2004-1986
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 | |
| Application | 5 |
Exploit-Db
| description | Coppermine Photo Gallery 1.x modules.php startdir Parameter Traversal Arbitrary File Access. CVE-2004-1986 . Webapps exploit for php platform |
| id | EDB-ID:24073 |
| last seen | 2016-02-02 |
| modified | 2004-04-30 |
| published | 2004-04-30 |
| reporter | Janek Vind |
| source | https://www.exploit-db.com/download/24073/ |
| title | Coppermine Photo Gallery 1.x modules.php startdir Parameter Traversal Arbitrary File Access |
References
- http://marc.info/?l=bugtraq&m=108360247732014&w=2
- http://marc.info/?l=bugtraq&m=108360247732014&w=2
- http://secunia.com/advisories/11524
- http://secunia.com/advisories/11524
- http://securitytracker.com/id?1010001
- http://securitytracker.com/id?1010001
- http://www.osvdb.org/5758
- http://www.osvdb.org/5758
- http://www.securityfocus.com/bid/10253
- http://www.securityfocus.com/bid/10253
- http://www.waraxe.us/index.php?modname=sa&id=26
- http://www.waraxe.us/index.php?modname=sa&id=26
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16042