CVE-2008-0504
NONE EPSS 78.0%
Published Jan 31, 200818y ago · Modified Jun 16, 20262w ago
Published Jan 31, 2008 18y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.
Threat Intelligence
EPSS Exploit Probability
78.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-89 SQL Injection Injection
Affected Products 28
| Vendor | Product | Version | Range |
|---|---|---|---|
| coppermine-gallery | coppermine_photo_gallery | * | ≤1.4.14 |
| coppermine-gallery | coppermine_photo_gallery | 1.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.1.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.2.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.2 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.3 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.4 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.3.5 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.0 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.1 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.10 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.11 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.12 | any |
| coppermine-gallery | coppermine_photo_gallery | 1.4.13 | any |
References 7
- coppermine-gallery.net http://coppermine-gallery.net/forum/index.php?topic=50103.0
- secunia.com http://secunia.com/advisories/28682
- securityfocus.com http://www.securityfocus.com/archive/1/487351/100/200/threaded
- securityfocus.com http://www.securityfocus.com/bid/27509
- securitytracker.com http://www.securitytracker.com/id?1019285
- vupen.com http://www.vupen.com/english/advisories/2008/0367
- waraxe.us http://www.waraxe.us/advisory-66.html
Remediation
- coppermine-gallery.net http://coppermine-gallery.net/forum/index.php?topic=50103.0
- securityfocus.com http://www.securityfocus.com/bid/27509