Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4283 — Photo Gallery vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
6.7%
top 8.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Coppermine Photo Gallery
Timeline
PublishedAug 9
Latest updateMay 1

Description

PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rm9h-xhc3-q747: PHP remote file inclusion vulnerability in bridge/yabbse↗2022-05-01
â–¶
CVEList
CVE-2007-4283: PHP remote file inclusion vulnerability in bridge/yabbse↗2007-08-09
â–¶

💥Exploits & PoCs

1
Exploit-DB
Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File Inclusion↗2007-08-08
â–¶
CVE-2007-4283 — Coppermine Photo Gallery vulnerability | cvebase