Cross-Site Scripting Vulnerability in Coppermine Photo Gallery
CVE-2007-5888

Currently unrated

Key Information:

Vendor: Coppermine
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 7 November 2007

What is CVE-2007-5888?

The vulnerability identified in Coppermine Photo Gallery enables attackers to exploit the displayecard.php script via the 'data' parameter. This security flaw allows the injection of arbitrary web scripts or HTML, potentially compromising user data and site integrity. Users of versions prior to 1.4.14 should update their software to mitigate this risk.

References

http://secunia.com/advisories/27534

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/38290

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/26357

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 7, 2007
Vulnerability Reserved
Nov 7, 2007

JSON