Cross-Site Scripting Vulnerabilities in Coppermine Photo Gallery by Coppermine
CVE-2010-4693

Currently unrated

Key Information:

Vendor: Coppermine-gallery
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 11 January 2011

🔔 Create Coppermine-gallery Vulnerability Alert

What is CVE-2010-4693?

Coppermine Photo Gallery versions prior to 1.5.10 are susceptible to multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities enable remote attackers to inject arbitrary web scripts or HTML into pages viewed by users. The affected parameters include 'h' and 't' in help.php and 'picfile_XXX' in searchnew.php. Due to these weaknesses, an attacker can execute harmful scripts in the context of a user's session, potentially compromising data integrity and user confidentiality.

References

http://www.securityfocus.com/bid/45600

vdb-entryx_refsource_BID

http://secunia.com/advisories/42751

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/70173

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 11, 2011
Vulnerability Reserved
Jan 10, 2011

JSON