CVE-2015-6528

NONE EPSS 70.7%
Published Aug 20, 201510y ago · Modified Jun 17, 20262w ago
Find Similar
Published Aug 20, 2015 10y ago
Last Modified Jun 17, 2026 2w ago

Description

Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8) table_prefix, or (9) impath parameter.

Threat Intelligence

EPSS Exploit Probability
70.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
coppermine-gallerycoppermine_photo_gallery1.5.36any

References 1

  • packetstormsecurity.com http://packetstormsecurity.com/files/133059/Coppermine-Photo-Gallery-1.5.36-Cross-Site-Scripting.html
    Exploit

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.