Remote Information Disclosure in Coppermine Photo Gallery by Coppermine
CVE-2005-3979

Currently unrated

Key Information:

Vendor

Coppermine-gallery

Status
Coppermine Photo Gallery
Vendor
CVE Published:
3 December 2005

What is CVE-2005-3979?

A security flaw in the Coppermine Photo Gallery's relocate_server.php script, present in versions 1.4.2 and 1.4 beta, allows unauthorized remote attackers to access sensitive data. Since this script remains on the server after installation and lacks appropriate authentication controls, attackers can exploit direct requests to retrieve critical information, including database configuration settings. This vulnerability highlights the importance of secure installation practices and robust authentication mechanisms to protect sensitive data from unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/17855
third-party-advisoryx_refsource_SECUNIA
http://coppermine-gallery.net/forum/index.php?topic=24217.0
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2005/2698
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.