FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-11 14:10:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6dd5e45c-f084-11e1-8d0f-406186f3d89d	coppermine -- Multiple vulnerabilities The Coppermine Team reports: The release covers several path disclosure vulnerabilities. If unpatched, it's possible to generate an error that will reveal the full path of the script. A remote user can determine the full path to the web root directory and other potentially sensitive information. Furthermore, the release covers a recently discovered XSS vulnerability that allows (if unpatched) a malevolent visitor to include own script routines under certain conditions. Discovery 2012-03-29 Entry 2012-08-30 coppermine < 1.5.20 CVE-2012-1613 CVE-2012-1614 http://seclists.org/oss-sec/2012/q2/11 http://forum.coppermine-gallery.net/index.php/topic,74682.0.html
9f581778-e3d4-11dc-bb89-000bcdc1757a	coppermine -- multiple vulnerabilities Coppermine Security advisory The development team is releasing a security update for Coppermine in order to counter a recently discovered cross-site-scripting vulnerability. Discovery 2007-11-06 Entry 2008-02-25 coppermine < 1.4.15 CVE-2008-0504 CVE-2008-0505 CVE-2008-0506 http://coppermine-gallery.net/forum/index.php?topic=48106.0 http://coppermine-gallery.net/forum/index.php?topic=50103.0 http://secunia.com/advisories/28682/

VuXML ID

Description

6dd5e45c-f084-11e1-8d0f-406186f3d89d

coppermine -- Multiple vulnerabilities

The Coppermine Team reports:

The release covers several path disclosure vulnerabilities. If unpatched, it's possible to generate an error that will reveal the full path of the script. A remote user can determine the full path to the web root directory and other potentially sensitive information. Furthermore, the release covers a recently discovered XSS vulnerability that allows (if unpatched) a malevolent visitor to include own script routines under certain conditions.

Discovery 2012-03-29
Entry 2012-08-30
coppermine

< 1.5.20

CVE-2012-1613
CVE-2012-1614
http://seclists.org/oss-sec/2012/q2/11
http://forum.coppermine-gallery.net/index.php/topic,74682.0.html

9f581778-e3d4-11dc-bb89-000bcdc1757a

coppermine -- multiple vulnerabilities

Coppermine Security advisory

The development team is releasing a security update for Coppermine in order to counter a recently discovered cross-site-scripting vulnerability.

Discovery 2007-11-06
Entry 2008-02-25
coppermine

< 1.4.15

CVE-2008-0504
CVE-2008-0505
CVE-2008-0506
http://coppermine-gallery.net/forum/index.php?topic=48106.0
http://coppermine-gallery.net/forum/index.php?topic=50103.0
http://secunia.com/advisories/28682/