CVE-2007-0836
First published: Thu Feb 08 2007(Updated: )
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) "Path to custom header include" and (2) "Path to custom footer include" form fields. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Coppermine Photo Gallery | <=1.4.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-0836?
CVE-2007-0836 is considered a high severity vulnerability due to its potential for remote file inclusion by authenticated users.
How do I fix CVE-2007-0836?
To fix CVE-2007-0836, update Coppermine Photo Gallery to version 1.4.11 or later to mitigate the vulnerability.
Who is affected by CVE-2007-0836?
CVE-2007-0836 affects Coppermine Photo Gallery versions 1.4.10 and earlier installations.
What type of vulnerability is CVE-2007-0836?
CVE-2007-0836 is a remote file inclusion vulnerability that allows authenticated users to include arbitrary files.
What can attackers do with CVE-2007-0836?
Attackers exploiting CVE-2007-0836 can potentially execute malicious code on the server by including unauthorized files.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/coppermine
- canonical/coppermine photo gallery
- version/coppermine photo gallery/1.4.10