Vulnerabilities > Coppermine > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-19 | CVE-2007-4977 | Cross-Site Scripting vulnerability in Coppermine Photo Gallery Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter. | 3.5 |
| 2006-11-26 | CVE-2006-6123 | Cross-Site Scripting vulnerability in Coppermine Photo Gallery 1.4.8Stable Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critical parameters, which are unset by the protection scheme and prevent the original variable from being detected. | 2.6 |