CVE-2008-0506
31.01.2008, 20:00
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.Enginsight
Vendor | Product | Version |
---|---|---|
coppermine | coppermine_photo_gallery | 𝑥 ≤ 1.4.14 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References