CVE-2007-0835 — Photo Gallery vulnerability

3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.8%

top 26.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Coppermine Photo Gallery

Timeline

PublishedFeb 8

Latest updateMay 1

Description

admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to execute arbitrary shell commands via shell metacharacters (";" semicolon) in the "Command line options for ImageMagick" form field, when used as an option to ImageMagick's convert command. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcoppermine/coppermine_photo_gallery1.4.10

🔴Vulnerability Details

GHSA

GHSA-jcgq-qpr9-w6pc: admin↗2022-05-01

▶

CVEList

CVE-2007-0835: admin↗2007-02-08

▶