CVE-2007-0115

Exploit

EPSS 0.74%
Published 09.01.2007 02:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be accessed using viewlog.php.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Coppermine ≫ Coppermine Photo Gallery Version <= 1.4.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.74%	0.719

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P

http://acid-root.new.fr/poc/19070104.txt

Exploit

http://osvdb.org/33383

http://securityreason.com/securityalert/2107

http://www.attrition.org/pipermail/vim/2007-January/001218.html

Exploit

http://www.securityfocus.com/archive/1/456051/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2007-0115

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0115

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0115

EUVD