CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1225

HIGH
7.5
CVSS Severity Score
EPSS Score0.1780%
EPSS Percentile30.54th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote attackers to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.

Affected Platforms (CPE)

πŸ“¦
Coppermine

Coppermine Photo Gallery

= 1.3.2

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=111402186304179&w=2
πŸ”— http://secunia.com/advisories/15004
πŸ”— http://www.waraxe.us/advisory-42.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20205
πŸ”— http://marc.info/?l=bugtraq&m=111402186304179&w=2
πŸ”— http://secunia.com/advisories/15004
πŸ”— http://www.waraxe.us/advisory-42.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20205

Related Vulnerabilities

CVE-2007-141410.0

Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary P...

CVE-2004-19887.5

PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute a...

CVE-2004-19877.5

picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to ex...

CVE-2004-19897.5

PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to execute arbitra...