coppermine-gallery

Top products

The 15 most recently published vulnerabilities affecting coppermine-gallery.

• CVE-2023-53868Coppermine Gallery 1.6.25 Remote Code Execution via Plugin Upload8.8Dec 15, 2025
• CVE-2010-4815Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.9.8Feb 5, 2020
• CVE-2018-14478ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.6.1May 7, 2019
• CVE-2014-4612Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web s...6.1Mar 16, 2018
• CVE-2015-6528Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_u...4.3Aug 20, 2015
• CVE-2015-3923Coppermine Photo Gallery before 1.5.36 allows remote attackers to enumerate directories via a full path in the folder parameter to minibrowser.php.5.0Jun 10, 2015
• CVE-2015-3922Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the refe...5.8May 27, 2015
• CVE-2015-3921Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.3.5May 27, 2015
• CVE-2012-1614Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parame...5.0Sep 4, 2012
• CVE-2012-1613Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HT...3.5Sep 4, 2012
• CVE-2011-3722Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demons...5.0Sep 23, 2011
• CVE-2011-2476Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerab...4.3Jun 14, 2011
• CVE-2010-4667Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.4.3Jun 14, 2011
• CVE-2010-4693Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters t...4.3Jan 11, 2011
• CVE-2008-7187Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.5.0Sep 9, 2009