CVE-2007-4976

Published: Sep 19, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://coppermine-gallery.net/forum/index.php?topic=46847.0

x_refsource_CONFIRM

3152

third-party-advisory

x_refsource_SREASON

20070917 Coppermine <= 1.4.12 Cross Site Scripting and Local File Inclusion

mailing-list

x_refsource_BUGTRAQ

1018704

vdb-entry

x_refsource_SECTRACK

26843

third-party-advisory

x_refsource_SECUNIA

coppermine-viewlog-file-include(36660)

vdb-entry

x_refsource_XF

ADV-2007-3194

vdb-entry

x_refsource_VUPEN

25698

vdb-entry

x_refsource_BID

37101

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-4976

Description

Affected Products

References