CVE-2014-4612
NONE EPSS 68.7%
Published Mar 16, 20188y ago · Modified Jun 17, 20262w ago
Published Mar 16, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
68.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 2
| Vendor | Product | Version | Range |
|---|---|---|---|
| coppermine-gallery | coppermine_photo_gallery | * | <1.5.28 |
| coppermine-gallery | coppermine_photo_gallery | * | ≥1.6.0 – <1.6.01 |
References 7
- forum.coppermine-gallery.net http://forum.coppermine-gallery.net/index.php/topic%2C77376.0.html
- seclists.org http://seclists.org/oss-sec/2014/q2/608
- seclists.org http://seclists.org/oss-sec/2014/q2/620
- sourceforge.net http://sourceforge.net/p/coppermine/code/8674
- securityfocus.com http://www.securityfocus.com/bid/68140
- sourceforge.net https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt
- sourceforge.net https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt
Remediation
- seclists.org http://seclists.org/oss-sec/2014/q2/608
- sourceforge.net http://sourceforge.net/p/coppermine/code/8674