Description: Coppermine is a multi-purpose fully-featured and integrated web picture gallery script written in PHP using GD or ImageMagick as image library with a MySQL backend. Vulnerabilities: The script mode.php does not properly sanitize the "referer" parameter. The script viewlog.php does not properly sanitize the "log" parameter. Poc/Exploit: http://localhost/cpg/mode.php?admin_mode=1&referer=javascript:alert(docu ment.cookie) http://localhost/cpg/viewlog.php?log=../../../../../../../../../etc/pass wd%00 (should need admin privileges) Solution: Update to 1.4.13 or above
Setting whiteboard status and CC'ing maintainer.
Thanks for the note! Added coppermine-1.4.13 to the tree. Removed insecure versions. App unstable on all arches, no stabilization required. Web-apps is done here.
No stabilization and no GLSA required here, closing.