9 lines
No EOL
501 B
Text
9 lines
No EOL
501 B
Text
source: https://www.securityfocus.com/bid/25698/info
|
|
|
|
Coppermine Photo Gallery is prone to a cross-site scripting issue and a local file-include issue.
|
|
|
|
Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary code, and retrieve arbitrary content within the context of the webserver process.
|
|
|
|
Coppermine Photo Gallery 1.4.12 is vulnerable; other versions may also be affected.
|
|
|
|
http://localhost/cpg/viewlog.php?log=../../../../../../../../../etc/passwd%00 |