Coppermine-Gallery: >> Coppermine Photo Gallery >> 1.6.25 Security Vulnerabilities
Coppermine Gallery 1.6.25 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the plugin manager. Attackers can upload a zipped PHP file with system commands to the plugin directory and execute arbitrary code by accessing the uploaded plugin script.
CVSS Score
8.8
EPSS Score
0.004
Published
2025-12-15