CVE-2011-2476 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 51%

Vendor	Product	Version
coppermine-gallery	coppermine_photo_gallery	𝑥 ≤ 1.5.10
coppermine-gallery	coppermine_photo_gallery	1.0
coppermine-gallery	coppermine_photo_gallery	1.0:rc3
coppermine-gallery	coppermine_photo_gallery	1.1
coppermine-gallery	coppermine_photo_gallery	1.1:beta_2
coppermine-gallery	coppermine_photo_gallery	1.1.0
coppermine-gallery	coppermine_photo_gallery	1.2
coppermine-gallery	coppermine_photo_gallery	1.2.0
coppermine-gallery	coppermine_photo_gallery	1.2.0:rc2
coppermine-gallery	coppermine_photo_gallery	1.2.1
coppermine-gallery	coppermine_photo_gallery	1.2.1:b
coppermine-gallery	coppermine_photo_gallery	1.2.1:b-nuke
coppermine-gallery	coppermine_photo_gallery	1.3.0
coppermine-gallery	coppermine_photo_gallery	1.3.1
coppermine-gallery	coppermine_photo_gallery	1.3.2
coppermine-gallery	coppermine_photo_gallery	1.3.3
coppermine-gallery	coppermine_photo_gallery	1.3.4
coppermine-gallery	coppermine_photo_gallery	1.3.5
coppermine-gallery	coppermine_photo_gallery	1.4
coppermine-gallery	coppermine_photo_gallery	1.4:beta
coppermine-gallery	coppermine_photo_gallery	1.4.0
coppermine-gallery	coppermine_photo_gallery	1.4.0:alpha
coppermine-gallery	coppermine_photo_gallery	1.4.0:beta
coppermine-gallery	coppermine_photo_gallery	1.4.1
coppermine-gallery	coppermine_photo_gallery	1.4.1:beta
coppermine-gallery	coppermine_photo_gallery	1.4.2
coppermine-gallery	coppermine_photo_gallery	1.4.3
coppermine-gallery	coppermine_photo_gallery	1.4.4
coppermine-gallery	coppermine_photo_gallery	1.4.5
coppermine-gallery	coppermine_photo_gallery	1.4.6
coppermine-gallery	coppermine_photo_gallery	1.4.7
coppermine-gallery	coppermine_photo_gallery	1.4.8
coppermine-gallery	coppermine_photo_gallery	1.4.9
coppermine-gallery	coppermine_photo_gallery	1.4.10
coppermine-gallery	coppermine_photo_gallery	1.4.11
coppermine-gallery	coppermine_photo_gallery	1.4.12
coppermine-gallery	coppermine_photo_gallery	1.4.13
coppermine-gallery	coppermine_photo_gallery	1.4.14
coppermine-gallery	coppermine_photo_gallery	1.4.15
coppermine-gallery	coppermine_photo_gallery	1.4.16
coppermine-gallery	coppermine_photo_gallery	1.4.17
coppermine-gallery	coppermine_photo_gallery	1.4.18
coppermine-gallery	coppermine_photo_gallery	1.4.19
coppermine-gallery	coppermine_photo_gallery	1.4.20
coppermine-gallery	coppermine_photo_gallery	1.4.21
coppermine-gallery	coppermine_photo_gallery	1.4.22
coppermine-gallery	coppermine_photo_gallery	1.4.23
coppermine-gallery	coppermine_photo_gallery	1.4.24
coppermine-gallery	coppermine_photo_gallery	1.4.25
coppermine-gallery	coppermine_photo_gallery	1.4.26
coppermine-gallery	coppermine_photo_gallery	1.4.27
coppermine-gallery	coppermine_photo_gallery	1.5.1:alpha
coppermine-gallery	coppermine_photo_gallery	1.5.2:beta
coppermine-gallery	coppermine_photo_gallery	1.5.3:rc
coppermine-gallery	coppermine_photo_gallery	1.5.4
coppermine-gallery	coppermine_photo_gallery	1.5.6
coppermine-gallery	coppermine_photo_gallery	1.5.8

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://forum.coppermine-gallery.net/index.php/topic%2C69495.0.html

http://sourceforge.net/news/?group_id=89658

http://www.openwall.com/lists/oss-security/2011/06/08/2

http://www.openwall.com/lists/oss-security/2011/06/08/6

https://exchange.xforce.ibmcloud.com/vulnerabilities/68058

http://forum.coppermine-gallery.net/index.php/topic%2C69495.0.html

http://sourceforge.net/news/?group_id=89658

http://www.openwall.com/lists/oss-security/2011/06/08/2

http://www.openwall.com/lists/oss-security/2011/06/08/6

https://exchange.xforce.ibmcloud.com/vulnerabilities/68058