Coppermine Photo Gallery <= 1.4.18 Path Disclosure Weakness

Description:

themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

References:

• CVE-2008-3481
• EDB-6178

Disclosure Date:

July 31, 2008