Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Apr 23, 2026

CVE-2007-0115

Description

Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be accessed using viewlog.php.

Affected products

Coppermine/Coppermine Photo Gallery
cpe:2.3:a:coppermine:coppermine_photo_gallery:*:*:*:*:*:*:*:*
Range: <=1.4.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

acid-root.new.fr/poc/19070104.txtnvdExploit
www.attrition.org/pipermail/vim/2007-January/001218.htmlnvdExploit
osvdb.org/33383nvd
securityreason.com/securityalert/2107nvd
www.securityfocus.com/archive/1/456051/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000