var-200404-0079
Vulnerability from variot
PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to execute arbitrary PHP code by modifying the THEME_DIR parameter to reference a URL on a remote web server that contains user_list_info_box.inc. Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied input before using it in dynamic content and in function calls that execute system commands. Attackers may exploit these issues to steal cookie-based authentication credentials, map the application root directory of the affected application, execute arbitrary commands, and include arbitrary files. Other attacks are also possible. Coppermine Photo Gallery is a WEB-based graphics library management program. Coppermine Photo Gallery does not fully filter the input submitted by users in many places. The specific issues are as follows: 1. Path leakage: By directly accessing some configuration scripts, sensitive path information can be obtained. 2. Cross-site scripting attack coppermine/docs/menu.inc.php\'\' lacks filtering for user submitted URIs, attackers can use this vulnerability to obtain sensitive information. 3. Browse any directory: If you have PHP-Nuke administrator privileges, you can bypass directory restrictions to access other files by accessing the coppermine module. 4. Arbitrary command execution: If you have PHP-Nuke administrator privileges to access the coppermine module, you can enter the SHELL command in some parameters of the coppermine configuration panel, and execute it with WEB process privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200404-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.9,
"vendor": "coppermine",
"version": "1.2.1"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.9,
"vendor": "coppermine",
"version": "1.2"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.6,
"vendor": "coppermine",
"version": "1.0_rc3"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.6,
"vendor": "coppermine",
"version": "1.2.2_b"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.6,
"vendor": "coppermine",
"version": "1.1_beta_2"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 1.6,
"vendor": "coppermine",
"version": "1.1_.0"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.0,
"vendor": "francisco burzi",
"version": "7.0_final"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.0,
"vendor": "francisco burzi",
"version": "7.2"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.0,
"vendor": "francisco burzi",
"version": "7.0"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.0,
"vendor": "francisco burzi",
"version": "7.1"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.0,
"vendor": "francisco burzi",
"version": "6.9"
},
{
"model": "burzi php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "7.2"
},
{
"model": "burzi php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "7.1"
},
{
"model": "burzi php-nuke final",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "7.0"
},
{
"model": "burzi php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "7.0"
},
{
"model": "burzi php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "6.9"
},
{
"model": "photo gallery b",
"scope": "eq",
"trust": 0.3,
"vendor": "coppermine",
"version": "1.2.2"
},
{
"model": "photo gallery beta",
"scope": "eq",
"trust": 0.3,
"vendor": "coppermine",
"version": "1.12"
},
{
"model": "photo gallery",
"scope": "eq",
"trust": 0.3,
"vendor": "coppermine",
"version": "1.1.0"
},
{
"model": "photo gallery rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "coppermine",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "10253"
},
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.0_rc3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.1_.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.0_final:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.1_beta_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.2.2_b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1989"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Janek Vind\u203b come2waraxe@yahoo.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1989",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-10417",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1989",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200404-104",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-10417",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10417"
},
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to execute arbitrary PHP code by modifying the THEME_DIR parameter to reference a URL on a remote web server that contains user_list_info_box.inc. Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied input before using it in dynamic content and in function calls that execute system commands. \nAttackers may exploit these issues to steal cookie-based authentication credentials, map the application root directory of the affected application, execute arbitrary commands, and include arbitrary files. Other attacks are also possible. Coppermine Photo Gallery is a WEB-based graphics library management program. Coppermine Photo Gallery does not fully filter the input submitted by users in many places. The specific issues are as follows: 1. Path leakage: By directly accessing some configuration scripts, sensitive path information can be obtained. 2. Cross-site scripting attack coppermine/docs/menu.inc.php\\\u0027\\\u0027 lacks filtering for user submitted URIs, attackers can use this vulnerability to obtain sensitive information. 3. Browse any directory: If you have PHP-Nuke administrator privileges, you can bypass directory restrictions to access other files by accessing the coppermine module. 4. Arbitrary command execution: If you have PHP-Nuke administrator privileges to access the coppermine module, you can enter the SHELL command in some parameters of the coppermine configuration panel, and execute it with WEB process privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "BID",
"id": "10253"
},
{
"db": "VULHUB",
"id": "VHN-10417"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-10417",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10417"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-1989",
"trust": 2.0
},
{
"db": "BID",
"id": "10253",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "5912",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1010001",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11524",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040502 [WARAXE-2004-SA#026 - MULTIPLE VULNERABILITIES IN COPPERMINE PHOTO GALLERY FOR PHPNUKE]",
"trust": 0.6
},
{
"db": "XF",
"id": "16041",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-77813",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24075",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-10417",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10417"
},
{
"db": "BID",
"id": "10253"
},
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"id": "VAR-200404-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10417"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:13:47.633000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1989"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10253"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/5912"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1010001"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11524"
},
{
"trust": 1.6,
"url": "http://www.waraxe.us/index.php?modname=sa\u0026id=26"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16041"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108360247732014\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16041"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108360247732014\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.chezgreg.net/coppermine/"
},
{
"trust": 0.3,
"url": "/archive/1/361976"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108360247732014\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://www.waraxe.us/index.php?modname=sa\u0026amp;id=26"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10417"
},
{
"db": "BID",
"id": "10253"
},
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10417"
},
{
"db": "BID",
"id": "10253"
},
{
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-10417"
},
{
"date": "2004-04-30T00:00:00",
"db": "BID",
"id": "10253"
},
{
"date": "2004-04-30T04:00:00",
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"date": "2004-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10417"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "10253"
},
{
"date": "2017-07-11T01:31:31.810000",
"db": "NVD",
"id": "CVE-2004-1989"
},
{
"date": "2006-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Coppermine Photo Gallery Multiple Input Validation Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "10253"
},
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200404-104"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.