NotCVE - vendor:"Coppermine-gallery" product:"Coppermine Photo Gallery"

18 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-14478 – Coppermine 1.5.46 Cross Site Scripting

https://notcve.org/view.php?id=CVE-2018-14478

ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter. ecard.php en Coppermine Photo Gallery (CPG) 1.5.46 tiene XSS a través del parámetro sender_name, recipient_email, greetings, o recipient_name. Coppermine version 1.5.46 suffers from multiple cross site scripting vulnerabilities. • http://forum.coppermine-gallery.net/index.php/board%2C58.0.html http://packetstormsecurity.com/files/151306/Coppermine-1.5.46-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-4612

https://notcve.org/view.php?id=CVE-2014-4612

Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en el gestor de palabras clave en Coppermine Photo Gallery en versiones anteriores a la 1.5.27 y en versiones 1.6.x anteriores a la 1.6.01 permite que los atacantes remotos inyecten scripts web o HTML arbitrarios utilizando vectores no especificados. • http://forum.coppermine-gallery.net/index.php/topic%2C77376.0.html http://seclists.org/oss-sec/2014/q2/608 http://seclists.org/oss-sec/2014/q2/620 http://sourceforge.net/p/coppermine/code/8674 http://www.securityfocus.com/bid/68140 https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2015-6528

https://notcve.org/view.php?id=CVE-2015-6528

Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8) table_prefix, or (9) impath parameter. Múltiples vulnerabilidades de XSS en install_classic.php en Coppermine Photo Gallery (CPG) 1.5.36, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8) table_prefix o (9) impath. • http://packetstormsecurity.com/files/133059/Coppermine-Photo-Gallery-1.5.36-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-3921 – Coppermine Gallery 1.5.34 XSS / Open Redirection

https://notcve.org/view.php?id=CVE-2015-3921

Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter. Vulnerabilidad de XSS en contact.php en Coppermine Photo Gallery anterior a 1.5.36 permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro referer. Coppermine Gallery version 1.5.34 suffers from cross site scripting, open redirection, and directory enumeration vulnerabilities. • http://forum.coppermine-gallery.net/index.php/topic%2C78194.0.html http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html http://www.securityfocus.com/bid/74872 http://www.securitytracker.com/id/1032558 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-3922 – Coppermine Gallery 1.5.34 XSS / Open Redirection

https://notcve.org/view.php?id=CVE-2015-3922

Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter. Vulnerabilidad de la redirección abierta en mode.php en Coppermine Photo Gallery anterior a 1.5.36 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de una URL en el parámetro referer. Coppermine Gallery version 1.5.34 suffers from cross site scripting, open redirection, and directory enumeration vulnerabilities. • http://forum.coppermine-gallery.net/index.php/topic%2C78194.0.html http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html http://www.securityfocus.com/bid/74869 http://www.securitytracker.com/id/1032558 •

1 2 3 4