Vulnerabilities > CVE-2006-2514 - File-Upload vulnerability in Coppermine Photo Gallery

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

coppermine

NVD

Published: 2006-05-22

Updated: 2017-07-20

Summary

Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions. Product is vulnerable when running on Apache with mod_mime installed. This vulnerability is addressed in the following product release: Coppermine, Photo Gallery, 1.4.6

Vulnerable Configurations

Part	Description	Count
Application	Coppermine Coppermine Coppermine Photo Gallery 1.0_Rc3 Coppermine Coppermine Photo Gallery 1.1.0 Coppermine Coppermine Photo Gallery 1.1_Beta_2 Coppermine Coppermine Photo Gallery 1.2 Coppermine Coppermine Photo Gallery 1.2.1 Coppermine Coppermine Photo Gallery 1.2.2_B Coppermine Coppermine Photo Gallery 1.3 Coppermine Coppermine Photo Gallery 1.3.2 Coppermine Coppermine Photo Gallery 1.3.3 Coppermine Coppermine Photo Gallery 1.4.2 Coppermine Coppermine Photo Gallery 1.4.3 Coppermine Coppermine Photo Gallery 1.4.4 Coppermine Coppermine Photo Gallery * Coppermine Coppermine Photo Gallery 1.4_Beta	14

Summary

Vulnerable Configurations

References