Is Coppermine 1.31 a Security Threat? Is Coppermine 1.31 a Security Threat?
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Is Coppermine 1.31 a Security Threat?

Started by ehwhat, August 09, 2004, 03:27:59 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

ehwhat

August 09, 2004, 03:27:59 PM
I was reading at  http://archives.neohapsis.com/archives/bugtraq/2004-05/0009.html that Coppermine is not very secure, and easy to hack. Does this info apply to CPG 1.31? It looks to me as though it does. Is there anyone out there that has secured against the threats mentioned in this link?

Thanks - CPG looks and works great, but I don't want to expose myself to some pretty serious hacking!

Casper

#1
August 09, 2004, 03:53:45 PM
That is clearly marked as
QuoteMultiple vulnerabilities in Coppermine Photo Gallery for PhpNuke
.  There was a problem with that application, but never affected the standalone versions, which this site deals with.

There was considerable talk about it here, and investigation to check it could not apply, and this application does not, and did not, have these problems.
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here
Print
Go Up Pages1
User actions