PT-2026-24683 · Coppermine Photo Gallery+1 · Coppermine Photo Gallery+1
Jan Paweł Klim
·
Published
2026-03-11
·
Updated
2026-03-15
·
CVE-2026-3013
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Coppermine Photo Gallery versions 1.6.09 through 1.6.27
Description
Coppermine Photo Gallery is susceptible to a path traversal issue. An unauthenticated remote attacker can exploit a vulnerable endpoint to construct payloads that allow reading the content of any file accessible by the web server process.
Recommendations
Update Coppermine Photo Gallery to version 1.6.28 or later.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coppermine Photo Gallery
Cpg1.6.X