Risk | Medium |
Patch available | NO |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2012-1613 CVE-2012-1614 |
CWE-ID | CWE-79 CWE-200 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. |
Vulnerable software Subscribe |
Coppermine Photo Gallery Web applications / CMS |
Vendor | Coppermine Photo Gallery |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU43638
Risk: Low
CVSSv3.1: 1.5 [CVSS:3.1/AV:N/AC:L/PR:/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C]
CVE-ID: CVE-2012-1613
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: Yes
DescriptionVulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsCoppermine Photo Gallery: 1.0 - 1.5.16
External linkshttp://archives.neohapsis.com/archives/bugtraq/2012-03/0167.html
http://coppermine.svn.sourceforge.net/viewvc/coppermine/trunk/cpg1.6.x/edit_one_pic.php?r1=8348&r2=8354
http://forum.coppermine-gallery.net/index.php/topic,74682.0.html
http://osvdb.org/80731
http://packetstormsecurity.org/files/111369/Coppermine-1.5.18-Cross-Site-Scripting-Path-Disclosure.html
http://secunia.com/advisories/48643
http://www.exploit-db.com/exploits/18680
http://www.openwall.com/lists/oss-security/2012/03/30/5
http://www.openwall.com/lists/oss-security/2012/03/30/6
http://www.openwall.com/lists/oss-security/2012/04/03/6
http://www.securityfocus.com/bid/52818
http://www.waraxe.us/advisory-81.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU43639
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2012-1614
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.
MitigationInstall update from vendor's website.
Vulnerable software versionsCoppermine Photo Gallery: 1.0 - 1.5.16
External linkshttp://archives.neohapsis.com/archives/bugtraq/2012-03/0167.html
http://coppermine.svn.sourceforge.net/viewvc/coppermine/trunk/cpg1.6.x/edit_one_pic.php?r1=8348&r2=8354
http://forum.coppermine-gallery.net/index.php/topic,74682.0.html
http://osvdb.org/80732
http://osvdb.org/80733
http://osvdb.org/80734
http://osvdb.org/80735
http://packetstormsecurity.org/files/111369/Coppermine-1.5.18-Cross-Site-Scripting-Path-Disclosure.html
http://www.exploit-db.com/exploits/18680
http://www.openwall.com/lists/oss-security/2012/03/30/5
http://www.openwall.com/lists/oss-security/2012/03/30/6
http://www.openwall.com/lists/oss-security/2012/04/03/6
http://www.securityfocus.com/bid/52818
http://www.waraxe.us/advisory-81.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.