CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4612
https://notcve.org/view.php?id=CVE-2014-4612
16 Mar 2018 — Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en el gestor de palabras clave en Coppermine Photo Gallery en versiones anteriores a la 1.5.27 y en versiones 1.6.x anteriores a la 1.6.01 permite que los atacantes remotos inyecten scripts web o HTML arbitrarios utilizando vectores n... • http://forum.coppermine-gallery.net/index.php/topic%2C77376.0.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2015-3921 – Coppermine Gallery 1.5.34 XSS / Open Redirection
https://notcve.org/view.php?id=CVE-2015-3921
21 May 2015 — Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter. Vulnerabilidad de XSS en contact.php en Coppermine Photo Gallery anterior a 1.5.36 permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro referer. Coppermine Gallery version 1.5.34 suffers from cross site scripting, open redirection, and directory enu... • https://packetstorm.news/files/id/132004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-3922 – Coppermine Gallery 1.5.34 XSS / Open Redirection
https://notcve.org/view.php?id=CVE-2015-3922
21 May 2015 — Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter. Vulnerabilidad de la redirección abierta en mode.php en Coppermine Photo Gallery anterior a 1.5.36 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de una URL en el parámetro referer. Coppermine Gallery version 1.5.34 suffers from cr... • https://packetstorm.news/files/id/132004 •
CVSS: 5.4EPSS: 1%CPEs: 59EXPL: 6CVE-2012-1613 – coppermine 1.5.18 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-1613
04 Sep 2012 — Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en edit_one_pic.php en Coppermine Photo Gallery antes de v1.5.20, permite a usuarios autenticados remotamente con ciertos privilegios, inyectar secuencias de comandos web o HTML a través del parámetro keyw... • https://www.exploit-db.com/exploits/18680 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 19%CPEs: 61EXPL: 10CVE-2012-1614 – coppermine 1.5.18 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-1614
04 Sep 2012 — Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message. Coppermine Photo Gallery anterior a v1.5.20 permite a atacantes remotos obtener información sensible a través de ... • https://www.exploit-db.com/exploits/18680 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 58EXPL: 0CVE-2011-2476
https://notcve.org/view.php?id=CVE-2011-2476
14 Jun 2011 — Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-4667. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Coppermine Photo Gallery (CPG), antes de v1.5.12 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados, una vulnerabilidad diferente de CVE-2010-4667 • http://forum.coppermine-gallery.net/index.php/topic%2C69495.0.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 57EXPL: 5CVE-2010-4693 – Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-4693
11 Jan 2011 — Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php. Múltiples vulnerabilidades de de secuencias de comandos en sitios cruzados (XSS) en Coppermine Photo Gallery 1.5.10 y versiones anteriores. Permiten a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de los parámetros (... • https://www.exploit-db.com/exploits/35156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •