CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
71.3%
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
coppermine | coppermine_photo_gallery | 1.4 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.2 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.2:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.4 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.4:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.9 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.9:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.10 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.10:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.11 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.11:*:*:*:*:*:*:* |
coppermine | coppermine_photo_gallery | 1.4.12 | cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.12:*:*:*:*:*:*:* |
coppermine-gallery.net/forum/index.php?topic=46847.0
osvdb.org/37100
secunia.com/advisories/26843
securityreason.com/securityalert/3152
www.securityfocus.com/archive/1/479757/100/0/threaded
www.securityfocus.com/bid/25698
www.securitytracker.com/id?1018704
www.vupen.com/english/advisories/2007/3194
exchange.xforce.ibmcloud.com/vulnerabilities/36659