Dear all,
I am not sure if this is related to CPG, but cannot exclude as well.
My Gallery (www.fotowald.de CPG 1.5.24) was hacked yesterday (5.1.2014) morning, i.e. code was placed in at least three core php files (index.php, login.php, and footer.php). The result was a server error when I tried to call one of the files. After replacing all files with a fresh upgrade procedure everything seems to work fine again. As a precaution I changed all passwords that are somewhat related to the CPG admin / webhost.
As I cannot exclude that the files were changed via FTP or in any other different way, this is not necessarily CPG related, but I am unable to tell if it might. If needed, I have made local copies of the changed files.
Cheers,
André
Take a look at this article from Joachim. It was written for CPG1.4.x but is still valid - http://forum.coppermine-gallery.net/index.php/topic,51927.0.html
We're not aware of any zero-day exploits. Without any further information we cannot tell you what happened.