Vulnerabilities > Coppermine Gallery > Coppermine Photo Gallery > 1.5.12

DATE CVE VULNERABILITY TITLE RISK
2018-03-16 CVE-2014-4612 Cross-site Scripting vulnerability in Coppermine-Gallery Coppermine Photo Gallery
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
coppermine-gallery CWE-79
6.1
2011-09-23 CVE-2011-3722 Information Exposure vulnerability in Coppermine-Gallery Coppermine Photo Gallery 1.5.12
Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
network
low complexity
coppermine-gallery CWE-200
5.0