Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: More possible issues in Coppermine Gallery ...  (Read 3237 times)

0 Members and 1 Guest are viewing this topic.

tuxsoul

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 17
    • blog
More possible issues in Coppermine Gallery ...
« on: June 23, 2006, 11:50:25 pm »

Hi, how ever i can show this report's that see in the web:

ORIGINAL ADVISORY:
http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html
VENDOR INFORMED
������-Summary�����-
Software: CPG Coppermine Photo Gallery
Sowtware�s Web Site: http://coppermine.sourceforge.net/
Versions: 1.4.8.stable
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: Mediume
������Description�����
Coppermine Photo Gallery has a logical design fault that will result to bypassing anti-XSS-Injection�RegGlobal-System.


SEE ORIGINAL ADVISORY FOR MORE DETAILES


How ever thank's to dev team for check and fix's this possibles issues :-D
Logged
żdo you like my comment?, gift me one bitcoin: 1266FWznbEW1uLNPsLU9ATBxGuM1U19thB
bitcoin pay forward project: 15pjRCNT2CpzVo7HQ6b6r4q18Vv4Da7y9K

Paver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1609
  • Paul V.
Re: More possible issues in Coppermine Gallery ...
« Reply #1 on: June 24, 2006, 03:28:32 am »

As the advisory you posted clearly says: "VENDOR INFORMED" (the vendor is the Coppermine dev team).  The dev team is on top of this.  "imei" was very kind to contact us personally about these issues.
Logged

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems
Re: More possible issues in Coppermine Gallery ...
« Reply #2 on: June 24, 2006, 08:05:04 am »

And now this has been fixed in SVN.
Logged
Chief Geek at Ranium Systems
Pages: [1]   Go Up
 

Page created in 0.021 seconds with 19 queries.