CVE-2008-3481
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
05/08/2008
Last modified:
09/04/2025
Description
themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:* | 1.4.18 (including) | |
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1:beta_2:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:b:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:b-nuke:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.0:alpha:*:*:*:*:*:* | ||
| cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.1:beta:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page