Loading
Generated remediation guidance and an executive summary. No account required.
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.
Use Coppermine vendor hub and Coppermine Photo Gallery product page to widen CVE-2007-0122 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2007-1414, CVE-2007-4283 and CVE-2007-3558 for nearby disclosures in the same product family.