Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Coppermine Photo Gallery 'Albmgr.PHP' 多个SQL注入漏洞
Vulnerability Description
Coppermine Photo Gallery 1.4.10及之前版本中存在多个SQL注入漏洞。远程认证管理员可以借助提交到albmgr.php的(1)cat参数,usermgr.php的(2)gid参数,到db_ecard.php的(3)开始参数以及到未明文件的albumid参数,执行任意的SQL指令。该漏洞与(4)文件名到标题和(5)删除标题函数有关。
CVSS Information
N/A
Vulnerability Type
N/A