Описание
SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41784
- http://forum.coppermine-gallery.net/index.php/topic%2C51787%2C0.html
- http://forum.coppermine-gallery.net/index.php/topic,51787,0.html
- http://secunia.com/advisories/29795
- http://sourceforge.net/project/shownotes.php?group_id=89658&release_id=592069
- http://www.osvdb.org/44345
- http://www.securityfocus.com/bid/28766
Связанные уязвимости
SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.