Coppermine Photo Gallery Voting Restriction Bypass

medium Nessus Plugin ID 15531

Synopsis

A web application running on the remote host has an access restriction bypass vulnerability.

Description

The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures.

This product has a vulnerability which allows a remote attacker with cookies disabled to cast multiple votes for a picture.

Solution

Upgrade to Coppermine 1.3.3 or later.

See Also

http://www.nessus.org/u?250c8484

Plugin Details

Severity: Medium

ID: 15531

File Name: coppermine_gallery_vote_restriction.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 10/21/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 10/12/2004

Reference Information

BID: 11485