Multiple Cross-Site Scripting Vulnerabilities in Coppermine Photo Gallery
CVE-2008-0505

Currently unrated

Key Information:

Vendor: Coppermine
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 31 January 2008

What is CVE-2008-0505?

Multiple cross-site scripting vulnerabilities exist in the docs/showdoc.php file of Coppermine Photo Gallery versions prior to 1.4.15. These vulnerabilities can be exploited by remote attackers who can inject arbitrary web scripts or HTML into the affected system via the 'h' and 't' parameters. Successful exploitation could potentially lead to unauthorized access to sensitive user information or hijacking of user sessions, posing a significant threat to web application security.

References

http://www.securityfocus.com/bid/27511

vdb-entryx_refsource_BID

http://www.waraxe.us/advisory-66.html

x_refsource_MISC

http://www.securityfocus.com/archive/1/487351/100/200/thr...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 31, 2008
Vulnerability Reserved
Jan 31, 2008

JSON