Vulnerabilities > Coppermine > Coppermine Photo Gallery > 1.4

DATE	CVE	VULNERABILITY TITLE	RISK
2007-09-19	CVE-2007-4977	Cross-Site Scripting vulnerability in Coppermine Photo Gallery Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter. network coppermine CWE-79	3.5
2007-09-19	CVE-2007-4976	Path Traversal vulnerability in Coppermine Photo Gallery Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. network low complexity coppermine CWE-22	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.