CVE-2005-3979

Coppermine Photo Gallery 1.4.2 and 1.4 beta - Unauthenticated Sensitive Information Exposure via relocate_server.php

Title source: llm
STIX 2.1

Description

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.

References (3)

Core 3
Core References
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2698
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17855

Scores

EPSS 0.0155
EPSS Percentile 72.1%

Details

CWE
CWE-287
Status published
Products (2)
coppermine-gallery/coppermine_photo_gallery 1.4 beta
coppermine-gallery/coppermine_photo_gallery 1.4.2
Published Dec 03, 2005
Tracked Since Feb 18, 2026