CVE-2004-1987

Exploit

EPSS 0.28%
Published 30.04.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Coppermine ≫ Coppermine Photo Gallery Version1.0_rc3

Coppermine ≫ Coppermine Photo Gallery Version1.1_.0

Coppermine ≫ Coppermine Photo Gallery Version1.1_beta_2

Coppermine ≫ Coppermine Photo Gallery Version1.2

Coppermine ≫ Coppermine Photo Gallery Version1.2.1

Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b

Francisco Burzi ≫ Php-nuke Version6.9

Francisco Burzi ≫ Php-nuke Version7.0

Francisco Burzi ≫ Php-nuke Version7.0_final

Francisco Burzi ≫ Php-nuke Version7.1

Francisco Burzi ≫ Php-nuke Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.28%	0.513

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=108360247732014&w=2

http://secunia.com/advisories/11524

Vendor Advisory

Exploit

http://securitytracker.com/id?1010001

http://www.securityfocus.com/bid/10253

Vendor Advisory

Exploit

http://www.waraxe.us/index.php?modname=sa&id=26

Vendor Advisory

Exploit

http://www.osvdb.org/5759

https://exchange.xforce.ibmcloud.com/vulnerabilities/16043

https://nvd.nist.gov/vuln/detail/CVE-2004-1987

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1987

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1987

EUVD