Directory Traversal Vulnerability in Coppermine Photo Gallery
CVE-2008-3486

Currently unrated

Key Information:

Vendor

Coppermine-gallery

Status
Coppermine Photo Gallery
Vendor
CVE Published:
6 August 2008

What is CVE-2008-3486?

A directory traversal vulnerability exists in the user_get_profile function within the include/functions.inc.php file in Coppermine Photo Gallery (CPG) version 1.4.18 and earlier. When the character set is set to utf-8, this flaw permits remote attackers to leverage a crafted request to include and execute arbitrary local files by manipulating the lang parameter in serialized data contained within an _data cookie. This exploitation underscores potential risks to sensitive information and system integrity if proper security measures are not implemented.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/31295
third-party-advisoryx_refsource_SECUNIA
http://securityreason.com/securityalert/4108
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/30480
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.