CVE-2004-1988

Coppermine Photo Gallery <1.2.0 RC4 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1988. PoCs published by Janek Vind.

AI-analyzed exploit summary The provided text describes a vulnerability in Coppermine Photo Gallery (CVE-2004-1988) involving improper input validation leading to arbitrary command execution and file inclusion. It includes a sample exploit URL but lacks executable code.

Description

PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Janek Vind · textwebappsphp
https://www.exploit-db.com/exploits/24074

The provided text describes a vulnerability in Coppermine Photo Gallery (CVE-2004-1988) involving improper input validation leading to arbitrary command execution and file inclusion. It includes a sample exploit URL but lacks executable code.

Classification
Writeup 90%
Attack Type
Rce | Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: Coppermine Photo Gallery (version not specified)
No auth needed
Prerequisites: Access to the target application · Ability to craft malicious URLs
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108360247732014&w=2
Exploit, Vendor Advisory x_refsource_misc
http://www.waraxe.us/index.php?modname=sa&id=26
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010001
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16041
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10253
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5761
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11524

Scores

EPSS 0.0933
EPSS Percentile 94.7%

Details

Status published
Products (11)
coppermine/coppermine_photo_gallery 1.0_rc3
coppermine/coppermine_photo_gallery 1.1_.0
coppermine/coppermine_photo_gallery 1.1_beta_2
coppermine/coppermine_photo_gallery 1.2
coppermine/coppermine_photo_gallery 1.2.1
coppermine/coppermine_photo_gallery 1.2.2_b
francisco_burzi/php-nuke 6.9
francisco_burzi/php-nuke 7.0
francisco_burzi/php-nuke 7.0_final
francisco_burzi/php-nuke 7.1
... and 1 more
Published Apr 30, 2004
Tracked Since Feb 18, 2026