CVE-2006-0873

Name of the Vulnerable Software and Affected Versions Coppermine Photo Gallery versions 1.4.3 and earlier

Description The issue allows remote attackers to include arbitrary files via the f parameter in the "docs/showdocs.php" file, potentially leading to the inclusion of remote files using UNC share pathnames.

Recommendations For Coppermine Photo Gallery versions 1.4.3 and earlier, consider restricting access to the f parameter in the "docs/showdocs.php" file to minimize the risk of exploitation. As a temporary workaround, avoid using the f parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.