FreeBSD : coppermine -- multiple vulnerabilities (12488805-6773-11dc-8be8-02e0185f8d72)
Medium Nessus Plugin ID 26084
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe coppermine development team reports two vulnerabilities with the coppermine application. These vulnerabilities are caused by improper checking of the log variable in 'viewlog.php' and improper checking of the referer variable in 'mode.php'. This could allow local file inclusion, potentially disclosing valuable information and could lead to an attacker conducting a cross site scripting attack against the targeted site.
SolutionUpdate the affected package.