Hi, how ever i can show this report's that see in the web:
ORIGINAL ADVISORY:
http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html
VENDOR INFORMED
������-Summary�����-
Software: CPG Coppermine Photo Gallery
Sowtware�s Web Site: http://coppermine.sourceforge.net/
Versions: 1.4.8.stable
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: Mediume
������Description�����
Coppermine Photo Gallery has a logical design fault that will result to bypassing anti-XSS-Injection�RegGlobal-System.
SEE ORIGINAL ADVISORY FOR MORE DETAILES
How ever thank's to dev team for check and fix's this possibles issues :-D
As the advisory you posted clearly says: "VENDOR INFORMED" (the vendor is the Coppermine dev team). The dev team is on top of this. "imei" was very kind to contact us personally about these issues.
And now this has been fixed in SVN.