Loading
Generated remediation guidance and an executive summary. No account required.
SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
Use CWE-89, Coppermine vendor hub and Coppermine Photo Gallery product page to widen CVE-2008-1840 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2007-1414, CVE-2007-4283 and CVE-2007-3558 for nearby disclosures in the same product family.