CVE-2005-3979

Coppermine-gallery Coppermine Photo Gallery - Authentication Bypass

Title source: rule

Description

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.

References (3)

[Vendor Advisory] http://coppermine-gallery.net/forum/index.php?topic=24217.0

[Permissions Required, Third Party Advisory] http://secunia.com/advisories/17855

[Permissions Required, Third Party Advisory] http://www.vupen.com/english/advisories/2005/2698

Scores

EPSS 0.0060

EPSS Percentile 69.3%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

coppermine-gallery/coppermine_photo_gallery

Timeline

Published Dec 03, 2005

Tracked Since Feb 18, 2026