Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4321Photo Gallery vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
16.4%
top 5.11%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Coppermine Photo Gallery
Timeline
PublishedAug 24
Latest updateMay 1

Description

PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5v96-383f-26hv: PHP remote file inclusion vulnerability in cpg2022-05-01
CVEList
CVE-2006-4321: PHP remote file inclusion vulnerability in cpg2006-08-24

💥Exploits & PoCs

1
Exploit-DB
Mambo Component CopperminePhotoGalery - Remote File Inclusion2006-08-16
CVE-2006-4321 — Coppermine Photo Gallery vulnerability | cvebase