Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Coppermine-gallery Security Vulnerabilities

cve
cve

CVE-2010-4815

Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code...

9.8CVSS

9.6AI Score

0.011EPSS

2020-02-05 07:15 PM
36
cve
cve

CVE-2010-4667

Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.8AI Score

0.001EPSS

2022-10-03 04:21 PM
16
cve
cve

CVE-2011-2476

Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

5.8AI Score

0.003EPSS

2011-06-14 05:55 PM
16
cve
cve

CVE-2018-14478

ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name...

6.1CVSS

5.9AI Score

0.002EPSS

2019-05-07 06:29 PM
22
cve
cve

CVE-2015-3922

Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer...

6.9AI Score

0.003EPSS

2015-05-27 06:59 PM
20
cve
cve

CVE-2012-1614

Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or.....

6.2AI Score

0.002EPSS

2022-10-03 04:15 PM
28
cve
cve

CVE-2015-3923

Coppermine Photo Gallery before 1.5.36 allows remote attackers to enumerate directories via a full path in the folder parameter to...

6.8AI Score

0.005EPSS

2015-06-10 06:59 PM
25
cve
cve

CVE-2015-3921

Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer...

5.4AI Score

0.001EPSS

2015-05-27 06:59 PM
24
cve
cve

CVE-2012-1613

Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords...

5.3AI Score

0.002EPSS

2022-10-03 04:15 PM
29
cve
cve

CVE-2014-4612

Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

6AI Score

0.002EPSS

2018-03-16 05:29 PM
22
cve
cve

CVE-2015-6528

Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8)...

5.9AI Score

0.001EPSS

2022-10-03 04:15 PM
20
cve
cve

CVE-2011-3722

Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other...

6.3AI Score

0.003EPSS

2022-10-03 04:15 PM
19
cve
cve

CVE-2010-4693

Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to...

5.9AI Score

0.06EPSS

2011-01-11 03:00 AM
20
cve
cve

CVE-2008-7187

Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error...

6.3AI Score

0.005EPSS

2009-09-09 05:30 PM
23
cve
cve

CVE-2008-7186

Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against...

6.1AI Score

0.006EPSS

2009-09-09 05:30 PM
22
cve
cve

CVE-2008-3486

Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang part of serialized...

7.1AI Score

0.011EPSS

2008-08-06 05:41 PM
32
cve
cve

CVE-2008-3481

themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error...

6.1AI Score

0.005EPSS

2008-08-05 07:41 PM
18
cve
cve

CVE-2008-0504

Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to...

8AI Score

0.002EPSS

2008-01-31 08:00 PM
24
cve
cve

CVE-2005-3979

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct...

6.8AI Score

0.005EPSS

2005-12-03 07:03 PM
18