Description
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
Exploits (1)
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16042
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108360247732014&w=2
Exploit, Vendor Advisory x_refsource_misc
http://www.waraxe.us/index.php?modname=sa&id=26
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1010001
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/5758
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10253
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11524
Scores
EPSS
0.0011
EPSS Percentile
29.2%
Details
Status
published
Products (11)
coppermine/coppermine_photo_gallery
1.0_rc3
coppermine/coppermine_photo_gallery
1.1_.0
coppermine/coppermine_photo_gallery
1.1_beta_2
coppermine/coppermine_photo_gallery
1.2
coppermine/coppermine_photo_gallery
1.2.1
coppermine/coppermine_photo_gallery
1.2.2_b
francisco_burzi/php-nuke
6.9
francisco_burzi/php-nuke
7.0
francisco_burzi/php-nuke
7.0_final
francisco_burzi/php-nuke
7.1
... and 1 more
Published
Apr 04, 2004
Tracked Since
Feb 18, 2026