{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-31T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "4108", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4108"}, {"name": "6178", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6178"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3481", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "4108", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4108"}, {"name": "6178", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6178"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:37:27.029Z"}, "title": "CVE Program Container", "references": [{"name": "4108", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4108"}, {"name": "6178", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/6178"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3481", "datePublished": "2008-08-05T19:20:00.000Z", "dateReserved": "2008-08-05T00:00:00.000Z", "dateUpdated": "2024-08-07T09:37:27.029Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:*", "matchCriteriaId": "18597B1E-61F4-4BBA-90B5-5B5F5BF78B85", "versionEndIncluding": "1.4.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E358276F-157E-4D98-9055-061E6F2F2948", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "9A1831F9-4B4A-4226-B219-B3AFF06FFDBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C457C25-AF6B-4F67-BD3B-83361A48CDBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1:beta_2:*:*:*:*:*:*", "matchCriteriaId": "808B8E20-BE09-4FC2-BC73-2F10261E82B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2003E2A5-A902-45A1-9189-15B956976ECD", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A53D1BF-C884-40F9-9D46-9CCD9ADC183E", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "34A35889-023F-4305-A5A8-F7A8D3409172", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E51F81AC-6AE1-40E5-B2CB-34E1B5985C93", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:b:*:*:*:*:*:*", "matchCriteriaId": "8A465AB3-1426-4966-87DF-A1FA3FCCE5A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1:b-nuke:*:*:*:*:*:*", "matchCriteriaId": "E9D7FF03-F2A7-4014-BF17-8393F5220AC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC98C672-0D2E-4A78-A206-CC44A5A6E14E", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4:beta:*:*:*:*:*:*", "matchCriteriaId": "60C520A7-686D-40AB-A41B-EDDF3EC86819", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "4AFF3F0F-88BF-4EB4-8DCA-4D46D181FCF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.1:beta:*:*:*:*:*:*", "matchCriteriaId": "196B664C-C400-4770-893B-E327D40CD525", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A3BF818D-86E5-4886-9447-FE70CBEAEA0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B94FCD31-EECA-4323-A63A-554A2AFB3DA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "C1C70B0A-C8C8-449E-A8C4-A595B7404DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E4388EF8-6825-4E8A-B9F2-7D2F69A95865", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "27D59D3A-F55C-4403-BD43-35162EC0E4FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "13B39376-C331-45B5-95AD-C3DD56BBF687", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "FF3DFE45-B65A-46FB-8584-A338143E4F68", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "15516E4B-8B16-4B81-8881-2E358144BA79", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "ECEE8E75-36D2-4F99-967E-52FDFA150E17", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "B8946662-2C1C-4113-977F-5D7FC3161565", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "C2F59212-9725-4926-9905-28C8C64A3A58", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "A5FB7773-BBCA-4825-8489-7EE43D6BD312", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "71058CB9-81CA-4F5B-8204-F21C906A71EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "197EF2C1-ADCF-4596-B5A0-689C10720906", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "EB199205-489B-4BB7-81A4-94D45E19349B", "vulnerable": true}, {"criteria": "cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "BFD299AB-0B18-472B-B99E-C0D585AA21CE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."}, {"lang": "es", "value": "themes/sample/theme.php en Coppermine Photo Gallery (CPG) 1.4.18 y versiones anteriores que permite a los atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de peticiones directas, que revelan la ruta de instalaci\u00f3n en un mensaje de error."}], "evaluatorImpact": "as per vendor link: http://coppermine-gallery.net/\r\n\"The development team is releasing a security update for Coppermine in order to counter a recently discovered injection vulnerability. It is important that all users who run version cpg1.4.18 or older update to this latest version as soon as possible.\" CVSS score based on this information.", "id": "CVE-2008-3481", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-08-05T19:41:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4108"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/6178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/4108"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/6178"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}