Vulnerability Details : CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.
Vulnerability category: Input validation
At least one public exploit which can be used to exploit this vulnerability exists!
Exploit prediction scoring system (EPSS) score for CVE-2008-0506
Probability of exploitation activity in the next 30 days: 96.20%
Metasploit modules for CVE-2008-0506
Coppermine Photo Gallery picEditor.php Command ExecutionDisclosure Date : 2008-01-30exploit/unix/webapp/coppermine_piceditorThis module exploits a vulnerability in the picEditor.php script of Coppermine Photo Gallery versions 1.4.14 and earlier. When configured to use the ImageMagick library, the 'quality', 'angle', and 'clipval' parameters are not properly escaped before being passed to the PHP 'exec' command. In order to reach the vulnerable 'exec' call, the input must pass several validation steps. The vulnerabilities actually reside in the following functions: image_processor.php: rotate_image(...) include/imageObjectIM.class.php: imageObject::cropImage(...) include/imageObjectIM.class.php: imageObject::rotateImage(...) include/imageObjectIM.class.php: imageObject::resizeImage(...) include/picmgmt.inc.php: resize_image(...) NOTE: Use of the ImageMagick library is a non-default option. However, a user can specify its use at installation time. Authors: - Janek Vind - jduc
CVSS scores for CVE-2008-0506
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2008-0506
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: [email protected] (Primary)
References for CVE-2008-0506