[KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables

ORIGINAL ADVISORY:
http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html
VENDOR INFORMED
——————-Summary—————-
Software: CPG Coppermine Photo Gallery
Sowtware’s Web Site: http://coppermine.sourceforge.net/
Versions: 1.4.8.stable
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk Level: Mediume
—————–Description—————
Coppermine Photo Gallery has a logical design fault that will result to bypassing
anti-XSS-Injection–RegGlobal-System.

SEE ORIGINAL ADVISORY FOR MORE DETAILES