CVE-2008-7186
NONE EPSS 67.8%
Published Sep 9, 200916y ago · Modified Jun 16, 20262w ago
Published Sep 9, 2009 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
Threat Intelligence
EPSS Exploit Probability
67.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-264
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| coppermine-gallery | coppermine_photo_gallery | 1.4.14 | any |
References 4
- securityfocus.com http://www.securityfocus.com/archive/1/487351/100/200/threaded
- securitytracker.com http://www.securitytracker.com/id?1019285
- vupen.com http://www.vupen.com/english/advisories/2008/0367
- waraxe.us http://www.waraxe.us/advisory-66.html
Remediation
- vupen.com http://www.vupen.com/english/advisories/2008/0367