A couple of SQLi vulnerabilities and a local file inclusion had been reported via http://www.milw0rm.com/exploits/8713. Upstream seem just to have acknowledged the SQLi's as per $URL.
+*coppermine-1.4.24 (11 Jun 2009) + + 11 Jun 2009; Alex Legler <a3li@gentoo.org> -coppermine-1.4.19.ebuild, + +coppermine-1.4.24.ebuild: + Non-Maintainer commit: Version bump to fix security bugs 261180, 258665, + 268186 and 273758. +