SQL Injection Flaw in Coppermine Photo Gallery by Coppermine
CVE-2008-0504

Currently unrated

Key Information:

Vendor: Coppermine-gallery
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 31 January 2008

🔔 Create Coppermine-gallery Vulnerability Alert

What is CVE-2008-0504?

Coppermine Photo Gallery versions prior to 1.4.15 are susceptible to multiple SQL injection vulnerabilities. These flaws allow remote authenticated administrators to execute arbitrary SQL commands through various parameters including albumid, startpic, numpics in util.php, and cid_array in reviewcom.php. Exploitation of these vulnerabilities can lead to unauthorized data access and manipulation, posing a significant risk to database integrity.

References

http://www.securityfocus.com/bid/27509

vdb-entryx_refsource_BID

http://www.waraxe.us/advisory-66.html

x_refsource_MISC

http://www.securityfocus.com/archive/1/487351/100/200/thr...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 31, 2008
Vulnerability Reserved
Jan 31, 2008

JSON