CVSS: 7.2EPSS: 1%CPEs: 15EXPL: 3CVE-2007-0122 – Coppermine Photo Gallery 1.4.11 - SQL Injection
https://notcve.org/view.php?id=CVE-2007-0122
09 Jan 2007 — Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions. Múltiples vulnerabilidades de inyección SQL en Coppermine Photo Gallery 1.4.10 y anteriores permiten a... • https://www.exploit-db.com/exploits/29397 •
CVSS: 9.8EPSS: 14%CPEs: 1EXPL: 2CVE-2006-4321 – Mambo Component CopperminePhotoGalery - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-4321
24 Aug 2006 — PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en cpg.php del componente Coppermine Photo Gallery (com_cpg) 1.0 y anteriores para Mambo permite a atacantes remotos ejecutar código PHp de su elección mediante una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/2196 •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2006-2514
https://notcve.org/view.php?id=CVE-2006-2514
22 May 2006 — Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions. • http://secunia.com/advisories/20211 •