Description
Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2003-0045)
WordPress Plugin Random Banner Cross-Site Scripting (4.1.4)
WordPress Plugin YouSayToo auto-publishing 'submit' Parameter Cross-Site Scripting (1.0.1)
YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537)