Sign-up

ID

VAR-200404-0077


CVE

CVE-2004-1987


TITLE

Coppermine Photo Gallery Multiple Input Validation Vulnerabilities

Trust: 0.9

sources: BID: 10253 // CNNVD: CNNVD-200404-102

DESCRIPTION

picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters. These issues occur because the application fails to properly sanitize and validate user-supplied input before using it in dynamic content and in function calls that execute system commands. Attackers may exploit these issues to steal cookie-based authentication credentials, map the application root directory of the affected application, execute arbitrary commands, and include arbitrary files. Other attacks are also possible. Coppermine Photo Gallery is a WEB-based graphics library management program. Coppermine Photo Gallery does not fully filter the input submitted by users in many places. The specific issues are as follows: 1. Path leakage: By directly accessing some configuration scripts, sensitive path information can be obtained. 2. Cross-site scripting attack coppermine/docs/menu.inc.php\'\' lacks filtering for user submitted URIs, attackers can use this vulnerability to obtain sensitive information. 3. Browse any directory: If you have PHP-Nuke administrator privileges, you can bypass directory restrictions to access other files by accessing the coppermine module. 4

Trust: 1.26

sources: NVD: CVE-2004-1987 // BID: 10253 // VULHUB: VHN-10415

AFFECTED PRODUCTS

vendor:copperminemodel:photo galleryscope:eqversion:1.2.1

Trust: 1.9

vendor:copperminemodel:photo galleryscope:eqversion:1.2

Trust: 1.9

vendor:copperminemodel:photo galleryscope:eqversion:1.1_beta_2

Trust: 1.6

vendor:copperminemodel:photo galleryscope:eqversion:1.0_rc3

Trust: 1.6

vendor:copperminemodel:photo galleryscope:eqversion:1.1_.0

Trust: 1.6

vendor:copperminemodel:photo galleryscope:eqversion:1.2.2_b

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.1

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.2

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:6.9

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.0_final

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.0

Trust: 1.0

vendor:franciscomodel:burzi php-nukescope:eqversion:7.2

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:7.1

Trust: 0.3

vendor:franciscomodel:burzi php-nuke finalscope:eqversion:7.0

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:7.0

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.9

Trust: 0.3

vendor:copperminemodel:photo gallery bscope:eqversion:1.2.2

Trust: 0.3

vendor:copperminemodel:photo gallery betascope:eqversion:1.12

Trust: 0.3

vendor:copperminemodel:photo galleryscope:eqversion:1.1.0

Trust: 0.3

vendor:copperminemodel:photo gallery rc3scope:eqversion:1.0

Trust: 0.3

sources: BID: 10253 // CNNVD: CNNVD-200404-102 // NVD: CVE-2004-1987

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-1987
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200404-102
value: HIGH

Trust: 0.6

VULHUB: VHN-10415
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-1987
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10415
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10415 // CNNVD: CNNVD-200404-102 // NVD: CVE-2004-1987

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1987

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200404-102

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200404-102

EXTERNAL IDS

db:NVDid:CVE-2004-1987

Trust: 2.0

db:BIDid:10253

Trust: 2.0

db:SECTRACKid:1010001

Trust: 1.7

db:SECUNIAid:11524

Trust: 1.7

db:OSVDBid:5759

Trust: 1.7

db:CNNVDid:CNNVD-200404-102

Trust: 0.7

db:BUGTRAQid:20040502 [WARAXE-2004-SA#026 - MULTIPLE VULNERABILITIES IN COPPERMINE PHOTO GALLERY FOR PHPNUKE]

Trust: 0.6

db:XFid:16043

Trust: 0.6

db:VULHUBid:VHN-10415

Trust: 0.1

sources: VULHUB: VHN-10415 // BID: 10253 // CNNVD: CNNVD-200404-102 // NVD: CVE-2004-1987

REFERENCES

url:http://www.securityfocus.com/bid/10253

Trust: 1.7

url:http://www.osvdb.org/5759

Trust: 1.7

url:http://securitytracker.com/id?1010001

Trust: 1.7

url:http://secunia.com/advisories/11524

Trust: 1.7

url:http://www.waraxe.us/index.php?modname=sa&id=26

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16043

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=108360247732014&w=2

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/16043

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108360247732014&w=2

Trust: 0.6

url:http://www.chezgreg.net/coppermine/

Trust: 0.3

url:/archive/1/361976

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=108360247732014&w=2

Trust: 0.1

url:http://www.waraxe.us/index.php?modname=sa&id=26

Trust: 0.1

sources: VULHUB: VHN-10415 // BID: 10253 // CNNVD: CNNVD-200404-102 // NVD: CVE-2004-1987

CREDITS

Janek Vind※ come2waraxe@yahoo.com

Trust: 0.6

sources: CNNVD: CNNVD-200404-102

SOURCES

db:VULHUBid:VHN-10415
db:BIDid:10253
db:CNNVDid:CNNVD-200404-102
db:NVDid:CVE-2004-1987

LAST UPDATE DATE

2024-08-14T13:51:17.156000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-10415date:2017-07-11T00:00:00
db:BIDid:10253date:2016-07-06T14:40:00
db:CNNVDid:CNNVD-200404-102date:2005-10-20T00:00:00
db:NVDid:CVE-2004-1987date:2017-07-11T01:31:31.700

SOURCES RELEASE DATE

db:VULHUBid:VHN-10415date:2004-04-30T00:00:00
db:BIDid:10253date:2004-04-30T00:00:00
db:CNNVDid:CNNVD-200404-102date:2004-04-30T00:00:00
db:NVDid:CVE-2004-1987date:2004-04-30T04:00:00