Coppermine Photo Gallery 'upload.php' Cross Site Scripting Vulnerability

Bugtraq ID:	38173
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 28 2010 12:00AM
Updated:	Jan 28 2010 12:00AM
Credit:	Ivan Buetler and the GESEC Team
Vulnerable:	Coppermine Photo Gallery 1.4.25 Coppermine Photo Gallery 1.4.22 Coppermine Photo Gallery 1.4.21 Coppermine Photo Gallery 1.4.20 Coppermine Photo Gallery 1.4.18 Coppermine Photo Gallery 1.4.17 Coppermine Photo Gallery 1.4.16 Coppermine Photo Gallery 1.4.15 Coppermine Photo Gallery 1.4.14 Coppermine Photo Gallery 1.4.13 Coppermine Photo Gallery 1.4.12 Coppermine Photo Gallery 1.4.11 Coppermine Photo Gallery 1.4.10 Coppermine Photo Gallery 1.4.9 Coppermine Photo Gallery 1.4.4 Coppermine Photo Gallery 1.4.3 Coppermine Photo Gallery 1.4.2 Coppermine Photo Gallery 1.4 Coppermine Photo Gallery 1.3.4 Coppermine Photo Gallery 1.3.3 Coppermine Photo Gallery 1.3.2 Coppermine Photo Gallery 1.3.1 Coppermine Photo Gallery 1.3 Coppermine Photo Gallery 1.2.2 b-Nuke Coppermine Photo Gallery 1.2.2 b Coppermine Photo Gallery 1.2.1 Coppermine Photo Gallery 1.2 Coppermine Photo Gallery 1.1 beta 2 Coppermine Photo Gallery 1.1 .0 Coppermine Photo Gallery 1.0 RC3 Coppermine Photo Gallery 1.0

Not Vulnerable:	Coppermine Photo Gallery 1.4.26