CVE-2015-6528
NONE EPSS 70.7%
Published Aug 20, 201510y ago · Modified Jun 17, 20262w ago
Published Aug 20, 2015 10y ago
Last Modified Jun 17, 2026 2w ago
Description
Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8) table_prefix, or (9) impath parameter.
Threat Intelligence
EPSS Exploit Probability
70.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| coppermine-gallery | coppermine_photo_gallery | 1.5.36 | any |
References 1
- packetstormsecurity.com http://packetstormsecurity.com/files/133059/Coppermine-Photo-Gallery-1.5.36-Cross-Site-Scripting.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.