CVE-2006-1909

Coppermine Photo Gallery 1.4.4 - Directory Traversal via Modified Dot Dot Slash in File Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1909. PoCs published by imei.

AI-analyzed exploit summary This exploit demonstrates a local file inclusion vulnerability in Coppermine 1.4.4 by manipulating the 'file' parameter to traverse directories and access sensitive files like /etc/passwd. The null byte (%00) is used to terminate the string and bypass file extension checks.

Description

Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences.

Exploits (1)

exploitdb WORKING POC VERIFIED

by imei · textwebappsphp

https://www.exploit-db.com/exploits/27669

View Code ZIP pw:eip

This exploit demonstrates a local file inclusion vulnerability in Coppermine 1.4.4 by manipulating the 'file' parameter to traverse directories and access sensitive files like /etc/passwd. The null byte (%00) is used to terminate the string and bypass file extension checks.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Coppermine 1.4.4

No auth needed

Prerequisites: Target running Coppermine 1.4.4 with vulnerable configuration

devstral-2 · analyzed Feb 16, 2026 Full analysis →