Description

themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

Remediation

References

CVE-2008-3481

Related Vulnerabilities

WordPress Plugin Events Made Easy Cross-Site Scripting (2.2.23)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.51)

ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-22948)

WordPress Plugin Portfolio-WordPress Portfolio Cross-Site Request Forgery (2.8.8)

Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)

Severity

High

Classification

CVE-2008-3481 CWE-94

Tags

Missing Update Known Vulnerabilities