FreeBSD: 77CCEAEF-E9A4-11DA-B9F4-00123FFE8333
History: Feb 20, 2006 - 12:00 a.m.

coppermine -- File Inclusion Vulnerabilities

2006-02-20 00:00:00
vuxml.freebsd.org
9

CVSS2: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS: 0.019
Percentile: 88.4%

Secunia reports:

Coppermine Photo Gallery has a vulnerability, which can be
exploited by malicious people and by malicious users to compromise
a vulnerable system.

  1. Input passed to the “lang” parameter in include/init.inc.php
    isn’t properly verified before it is used to include files. This
    can be exploited to include arbitrary files from local resources.
    The vulnerability can be further exploited by users who are allowed
    to upload image files to execute arbitrary PHP code.
  2. Input passed to the “f” parameter in docs/showdoc.php isn’t
    properly verified before it is used to include files. This can be
    exploited to include arbitrary files from local resources on the
    Windows platform, and remote files from Windows shared folders.

OS       Version  Architecture  Package     Version  Filename
FreeBSD  any      noarch        coppermine  < 1.4.4  UNKNOWN
