Description

Coppermine Photo Gallery before 1.5.36 allows remote attackers to enumerate directories via a full path in the folder parameter to minibrowser.php.

Remediation

References

CVE-2015-3923

Related Vulnerabilities

WordPress Plugin Powerplay Gallery 'upload.php' Arbitrary File Upload (3.2)

Oracle JRE CVE-2013-2436 Vulnerability (CVE-2013-2436)

WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29425)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607)

WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection (7.1.4)

Severity

Medium

Classification

CVE-2015-3923 CWE-200

Tags

Missing Update Known Vulnerabilities