Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables

From: addmimistrator () gmail com
Date: 23 Jun 2006 11:25:16 -0000
ORIGINAL ADVISORY:
http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html
VENDOR INFORMED
——————-Summary—————-
Software: CPG Coppermine Photo Gallery
Sowtware’s Web Site: http://coppermine.sourceforge.net/
Versions: 1.4.8.stable
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: Mediume
—————–Description—————
Coppermine Photo Gallery has a logical design fault that will result to bypassing anti-XSS-Injection–RegGlobal-System.


SEE ORIGINAL ADVISORY FOR MORE DETAILES
Previous By Date Next
Previous By Thread Next

Current thread: