Show filters
181 Total Results
Displaying 171-180 of 181
Sort by:
Attacker Value
Unknown

CVE-2005-1225

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote attackers to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.
0
0
Attacker Value
Unknown

CVE-2005-1226

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote attackers to obtain sensitive information.
0
0
Attacker Value
Unknown

CVE-2004-1984

Disclosure Date: May 02, 2004 (last updated February 22, 2025)
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message.
0
0
Attacker Value
Unknown

CVE-2004-1987

Disclosure Date: April 30, 2004 (last updated February 22, 2025)
picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters.
0
0
Attacker Value
Unknown

CVE-2004-1985

Disclosure Date: April 30, 2004 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter.
0
0
Attacker Value
Unknown

CVE-2004-1989

Disclosure Date: April 30, 2004 (last updated February 22, 2025)
PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to execute arbitrary PHP code by modifying the THEME_DIR parameter to reference a URL on a remote web server that contains user_list_info_box.inc.
0
0
Attacker Value
Unknown

CVE-2004-1988

Disclosure Date: April 30, 2004 (last updated February 22, 2025)
PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php.
0
0
Attacker Value
Unknown

CVE-2004-1986

Disclosure Date: April 04, 2004 (last updated February 22, 2025)
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
0
0
Attacker Value
Unknown

CVE-2003-1525

Disclosure Date: December 31, 2003 (last updated October 03, 2023)
Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors.
0
0
Attacker Value
Unknown

CVE-2002-1411

Disclosure Date: April 11, 2003 (last updated February 22, 2025)
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter.
0
0
View More Topics  < Previous  Next >