Vulnerabilities > CVE-2004-1987 - Input Validation vulnerability in Coppermine Photo Gallery

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
coppermine
francisco-burzi
NVD
Published: 2004-04-30
Updated: 2017-07-11

Summary

picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters.

Vulnerable Configurations

Part Description Count
Application
Coppermine
6
Application
Francisco_Burzi
5

References