Unrated severityNVD Advisory· Published Nov 26, 2006· Updated Jun 16, 2026
CVE-2006-6123
CVE-2006-6123
Description
Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critical parameters, which are unset by the protection scheme and prevent the original variable from being detected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.8_stable:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.8_stable:*:*:*:*:*:*:*
- (no CPE)range: =1.4.8
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/20597nvdVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2006-06/0482.htmlnvd
- myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.htmlnvd
- securityreason.com/securityalert/1914nvd
- svn.sourceforge.net/viewvc/copperminenvd
- www.osvdb.org/27618nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27376nvd
News mentions
0No linked articles in our index yet.