cve/2008/CVE-2008-0506.md

### [CVE-2008-0506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0506)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.

### POC

#### Reference
- http://www.waraxe.us/advisory-65.html
- https://www.exploit-db.com/exploits/5019

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2008-0506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0506)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.`

			`### POC`

			`#### Reference`
			`- http://www.waraxe.us/advisory-65.html`
			`- https://www.exploit-db.com/exploits/5019`

			`#### Github`
			`No PoCs found on GitHub currently.`