CVE-2007-3558

Coppermine Photo Gallery < 1.4.10 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DarkFig · phpwebappsphp

https://www.exploit-db.com/exploits/3085

View Code ZIP pw:eip

References (3)

[Patch] http://coppermine-gallery.net/forum/index.php?topic=44845.0

[Vendor Advisory] http://secunia.com/advisories/25846

[Patch] http://www.securityfocus.com/bid/24710

Scores

EPSS 0.0093

EPSS Percentile 76.2%

Details

Status published

Products (1)

coppermine/coppermine_photo_gallery < 1.4.10

Published Jul 04, 2007

Tracked Since Feb 18, 2026