CVE-2004-1987

Name of the Vulnerable Software and Affected Versions Coppermine Photo Gallery versions 1.2.0 RC4 through 1.2.2b

Description The issue allows remote attackers with administrative privileges to execute arbitrary commands. This can be achieved by injecting shell metacharacters into the impath or jpeg qual parameters.

Recommendations For Coppermine Photo Gallery versions 1.2.0 RC4 through 1.2.2b, restrict access to the administrative interface to minimize the risk of exploitation. As a temporary workaround, consider validating and sanitizing the input for the impath and jpeg qual parameters to prevent shell metacharacter injection.