Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: New posible SQL injection in 4.10 last version coppermine ....  (Read 3294 times)

0 Members and 1 Guest are viewing this topic.

tuxsoul

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 17
    • blog
New posible SQL injection in 4.10 last version coppermine ....
« on: January 06, 2007, 01:33:07 am »

Hi, checkin in de bugtracks system, i see this exploid to use in coppermine gallery, can the developers check this exploid please ?

http://www.securityfocus.com/archive/1/456051/30/0/threaded

greetings sorry my english is bad  :P
Logged
żdo you like my comment?, gift me one bitcoin: 1266FWznbEW1uLNPsLU9ATBxGuM1U19thB
bitcoin pay forward project: 15pjRCNT2CpzVo7HQ6b6r4q18Vv4Da7y9K

Nibbler

  • Guest
Re: New posible SQL injection in 4.10 last version coppermine ....
« Reply #1 on: January 06, 2007, 01:46:12 am »

The SQL vulnerability can only be exploited by those who already have an admin account. It poses little danger.
Logged

Tarique Sani

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 2712
    • http://tariquesani.net
Re: New posible SQL injection in 4.10 last version coppermine ....
« Reply #2 on: January 06, 2007, 07:54:18 am »

+1 to what Nibbler said, no immediate threat but will be fixed in future versions
Logged
SANIsoft PHP applications for E Biz
Pages: [1]   Go Up
 

Page created in 0.018 seconds with 19 queries.