PT-2006-5130 · Coppermine · Coppermine Photo Gallery
K1Tk4T
·
Publicado
2006-08-24
·
Atualizado
2017-10-19
·
CVE-2006-4321
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Coppermine Photo Gallery component (com cpg) version 1.0 and earlier
Description
The issue allows remote attackers to execute arbitrary PHP code via a URL in the
mosConfig absolute path parameter. This can be exploited by providing a malicious URL to the vulnerable component.Recommendations
For Coppermine Photo Gallery component (com cpg) version 1.0 and earlier, consider disabling the
mosConfig absolute path parameter or restricting its use to minimize the risk of exploitation until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Coppermine Photo Gallery