| OSVDB ID | Disclosure Date | Title |
|
23347
Description:
(Description Provided by CVE) : Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and earlier allows remote attackers to include arbitrary files via the f parameter, and possibly remote files using UNC share pathnames.
|
2006-02-17
|
Coppermine Photo Gallery showdoc.php f Parameter Local File Inclusion
|
|
5912
Description:
Coppermine Photo Gallery contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered when sending a specially crafted URL request to the theme.php script using the THEME_DIR variable to specify a malicious file from a remote system as a parameter. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2004-04-29
|
Coppermine Photo Gallery theme.php Multiple Parameter Remote File Inclusion
|
|
47353
Description:
(Description Provided by CVE) : themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
|
2008-07-31
|
Coppermine Photo Gallery themes/sample/theme.php Direct Request Error Message Path Disclosure
|
|
33133
Description:
(Description Provided by CVE) : SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. NOTE: it was later reported that 1.4.10, 1.4.14, and other 1.4.x versions are also affected using similar cookies.
|
2007-02-24
|
Coppermine Photo Gallery thumbnails.php cpg131_fav Cookie Parameter SQL Injection
|
|
54581
Description:
Coppermine Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'thumbnails.php' script not properly sanitizing user-supplied input to the 'GLOBALS[cat]' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-05-18
|
Coppermine Photo Gallery thumbnails.php GLOBALS[cat] Parameter SQL Injection
|
|
57288
Description:
Coppermine Photo Gallery contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to an unspecified script not properly sanitizing user input supplied to unspecified parameter(s). This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2008-08-06
|
Coppermine Photo Gallery Unspecified Remote File Inclusion
|
|
57295
Description:
Unknown / Incomplete
|
2008-08-06
|
Coppermine Photo Gallery Unspecified Shell Injection Issue
|
|
57291
Description:
Unknown / Incomplete
|
2008-08-06
|
Coppermine Photo Gallery Unspecified SQL Injection
|
|
73128
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
2010-05-20
|
Coppermine Photo Gallery Unspecified XSS (2010-4667)
|
|
73129
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-4667.
|
2011-01-02
|
Coppermine Photo Gallery Unspecified XSS (2011-2476)
|
|
57915
Description:
(Description Provided by CVE) : Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
|
2008-01-31
|
Coppermine Photo Gallery update.php Direct Request Information Disclosure
|
|
44345
Description:
(Description Provided by CVE) : SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
|
2008-04-11
|
Coppermine Photo Gallery upload.php Content-Type HTTP Header SQL Injection
|
|
62261
Description:
Coppermine Photo Gallery contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the URL upon submission to the upload.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-01-28
|
Coppermine Photo Gallery upload.php URI XSS
|
|
35853
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.
|
2007-01-04
|
Coppermine Photo Gallery usermgr.php gid Parameter SQL Injection
|
|
26211
Description:
(Description Provided by CVE) : Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors.
|
2006-06-06
|
Coppermine Photo Gallery usermgr.php Unspecified Issue
|
|
41678
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.
|
2008-01-29
|
Coppermine Photo Gallery util.php Unspecified SQL Injection
|
|
37101
Description:
(Description Provided by CVE) : Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
|
2007-09-18
|
Coppermine Photo Gallery viewlog.php log Parameter Local File Inclusion
|
|
10855
Description:
Coppermine Photo Gallery contains a flaw that may allow a remote attacker to arbitrarily manipulate voting. The issue is triggered due to the gallery relying on browser cookies to restrict voting. If cookies are turned on and a user votes, they will not be able to vote a second time. However, if the user disables cookies in their browser, Coppermine will allow them to vote as many times as they want.
|
2004-10-12
|
Coppermine Photo Gallery Voting Restriction Bypass
|
|
15882
Description:
Unknown / Incomplete
|
2004-04-20
|
Coppermine Photo Gallery zipdownload.php Arbitrary File Access
|
|
50908
Description:
Coppermine Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'zipdownload.php' script not properly sanitizing user-supplied input to the 'favs' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2005-04-20
|
Coppermine Photo Gallery zipdownload.php favs Parameter SQL Injection
|
|
3145
Description:
COPS Security Checker contains a flaw that allows local attackers to overwrite arbitrary files and possibly gain root privileges. The flaw is due to a lack of sanity checking on calls to temporary files created in /tmp that do not check for existing files with the same name. Such flaws can be taken advantage of with symlinks and arbitrary files can be overwritten or appended to.
|
1998-06-28
|
COPS Temporary File Race Condition and Symlink
|
|
16720
Description:
Unknown / Incomplete
|
2005-05-16
|
CORE CMS Multiple Unspecified Issues
|
|
72938
Description:
Core Design Scriptegrator Plugin for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'files[]' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2011-06-13
|
Core Design Scriptegrator Plugin for Joomla! plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php files[] Parameter Traversal Local File Inclusion
|
|
62406
Description:
Core Design Scriptegrator Plugin for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php' script not properly sanitizing user input supplied to the 'files[]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2010-02-18
|
Core Design Scriptegrator Plugin for Joomla! plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php files[] Parameter Remote File Inclusion
|
|
62485
Description:
Core Design Scriptegrator Plugin for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php' script not properly sanitizing user input supplied to the 'files[]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2010-02-18
|
Core Design Scriptegrator Plugin for Joomla! plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php files[] Parameter Remote File Inclusion
|
|
62484
Description:
Core Design Scriptegrator Plugin contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'file' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2010-02-18
|
Core Design Scriptegrator Plugin for Joomla! plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php file Parameter Traversal Local File Inclusion
|
|
72939
Description:
Core Design Scriptegrator Plugin for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'file' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2011-06-13
|
Core Design Scriptegrator Plugin for Joomla! plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php file Parameter Traversal Local File Inclusion
|
|
73205
Description:
Core Design Scriptegrator Plugin for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to unspecified input not being properly sanitized before being returned to the user, specifically directory traversal style attacks (e.g., ../../). This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2011-06-17
|
Core Design Scriptegrator Plugin for Joomla! Unspecified Traversal Local File Inclusion
|
|
43256
Description:
(Description Provided by CVE) : Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module.
|
2008-01-17
|
CORE FORCE Firewall Module IOCTL Functions Multiple Local Overflows
|
|
43257
Description:
(Description Provided by CVE) : Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module.
|
2008-01-17
|
CORE FORCE Registry Module SSDT Hook Handler Functions Multiple Local Overflows
|