CVE-2005-3979
Coppermine Photo Gallery 1.4.2 and 1.4 beta - Unauthenticated Sensitive Information Exposure via relocate_server.php
Title source: llmDescription
relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.
References (3)
Core 3
Core References
Permissions Required, Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2698
Permissions Required, Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17855
Vendor Advisory x_refsource_confirm
http://coppermine-gallery.net/forum/index.php?topic=24217.0
Scores
EPSS
0.0155
EPSS Percentile
72.1%
Details
CWE
CWE-287
Status
published
Products (2)
coppermine-gallery/coppermine_photo_gallery
1.4 beta
coppermine-gallery/coppermine_photo_gallery
1.4.2
Published
Dec 03, 2005
Tracked Since
Feb 18, 2026