CVE-2005-3979

2005-12-0319:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.

References

coppermine-gallery.net/forum/index.php?topic=24217.0

secunia.com/advisories/17855

www.vupen.com/english/advisories/2005/2698