ID:4258 - Exploit for Information disclosure in Coppermine Photo Gallery - CVE-2012-1614

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4258 - Exploit for Information disclosure in Coppermine Photo Gallery - CVE-2012-1614

ID:4258 - Exploit for Information disclosure in Coppermine Photo Gallery - CVE-2012-1614

Published: August 11, 2020


Vulnerability identifier: #VU43639
Vulnerability risk: Medium
CVE-ID: CVE-2012-1614
CWE-ID: CWE-200
Exploitation vector: Remote access
Vulnerable software:
Coppermine Photo Gallery

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.


Remediation

Install update from vendor's website.