| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0504 | 6.5 |
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_
|
16-10-2018 - 16:50 | 31-01-2008 - 20:00 | |
| CVE-2008-0505 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters.
|
15-10-2018 - 22:00 | 31-01-2008 - 20:00 | |
| CVE-2008-0506 | 6.8 |
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angl
|
15-10-2018 - 22:00 | 31-01-2008 - 20:00 | |
| CVE-2008-7187 | 5.0 |
Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
|
11-10-2018 - 20:58 | 09-09-2009 - 17:30 | |
| CVE-2008-7186 | 5.0 |
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-
|
11-10-2018 - 20:58 | 09-09-2009 - 17:30 |