Cross-Site Scripting Vulnerability in Coppermine Photo Gallery
CVE-2009-1616

Currently unrated

Key Information:

Vendor: Coppermine
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 11 May 2009

What is CVE-2009-1616?

A Cross-site Scripting (XSS) vulnerability exists in the docs/showdoc.php file of Coppermine Photo Gallery prior to version 1.4.22. This flaw allows remote attackers to exploit the css parameter, injecting arbitrary web scripts or HTML into the application. Users and systems employing affected versions may face security threats due to potential malicious script execution in their web browsers.

References

http://secunia.com/advisories/34961

third-party-advisoryx_refsource_SECUNIA

http://forum.coppermine-gallery.net/index.php/topic%2C592...

x_refsource_CONFIRM

http://forum.coppermine-gallery.net/index.php/topic%2C592...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 11, 2009

JSON