Vulnerabilities > Coppermine Gallery > Coppermine Photo Gallery > 1.3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-16 | CVE-2014-4612 | Cross-site Scripting vulnerability in Coppermine-Gallery Coppermine Photo Gallery Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2011-01-11 | CVE-2010-4693 | Cross-Site Scripting vulnerability in Coppermine-Gallery Coppermine Photo Gallery Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php. | 4.3 |
2008-08-06 | CVE-2008-3486 | Path Traversal vulnerability in Coppermine-Gallery Coppermine Photo Gallery Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-08-05 | CVE-2008-3481 | Code Injection vulnerability in Coppermine-Gallery Coppermine Photo Gallery themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message. | 7.5 |
2008-01-31 | CVE-2008-0504 | SQL Injection vulnerability in Coppermine-Gallery Coppermine Photo Gallery Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php. | 6.5 |