CVE-2004-1986

Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 - Authenticated Directory Traversal via Startdir Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1986. PoCs published by Janek Vind.

AI-analyzed exploit summary The provided text describes a vulnerability in Coppermine Photo Gallery related to input-validation issues, which may lead to arbitrary command execution. It includes a sample URL demonstrating directory traversal but lacks executable exploit code.

Description

Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Janek Vind · textwebappsphp
https://www.exploit-db.com/exploits/24073

The provided text describes a vulnerability in Coppermine Photo Gallery related to input-validation issues, which may lead to arbitrary command execution. It includes a sample URL demonstrating directory traversal but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Coppermine Photo Gallery (version not specified)
No auth needed
Prerequisites: Access to the vulnerable Coppermine Photo Gallery instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16042
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108360247732014&w=2
Exploit, Vendor Advisory x_refsource_misc
http://www.waraxe.us/index.php?modname=sa&id=26
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010001
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5758
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10253
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11524

Scores

EPSS 0.1063
EPSS Percentile 95.2%

Details

Status published
Products (11)
coppermine/coppermine_photo_gallery 1.0_rc3
coppermine/coppermine_photo_gallery 1.1_.0
coppermine/coppermine_photo_gallery 1.1_beta_2
coppermine/coppermine_photo_gallery 1.2
coppermine/coppermine_photo_gallery 1.2.1
coppermine/coppermine_photo_gallery 1.2.2_b
francisco_burzi/php-nuke 6.9
francisco_burzi/php-nuke 7.0
francisco_burzi/php-nuke 7.0_final
francisco_burzi/php-nuke 7.1
... and 1 more
Published Apr 04, 2004
Tracked Since Feb 18, 2026