Description
Coppermine Photo Gallery before 1.5.36 allows remote attackers to enumerate directories via a full path in the folder parameter to minibrowser.php.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75140
Exploit x_refsource_misc
http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032558
Various Sources x_refsource_confirm
http://forum.coppermine-gallery.net/index.php/topic%2C78194.0.html
Scores
EPSS
0.0226
EPSS Percentile
80.8%
Details
CWE
CWE-200
Status
published
Products (1)
coppermine-gallery/coppermine_photo_gallery
< 1.5.4
Published
Jun 10, 2015
Tracked Since
Feb 18, 2026