https://www.securityfocus.com/bid/82351
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-421

CopperminePhotoGallery1.3.2中存在SQL注入漏洞，允许远程攻击者通过(1)init.inc.php或(2)zipdownload.php的favs参数来执行任意SQL命令。

Coppermine Coppermine Photo Gallery 1.3.2

来源:SECUNIA
名称:15004
链接:http://secunia.com/advisories/15004
来源:XF
名称:coppermine-initincphp-sql-injection(20205)
链接:http://xforce.iss.net/xforce/xfdb/20205
来源:MISC
链接:http://www.waraxe.us/advisory-42.html
来源:BUGTRAQ
名称:20050420[waraxe-2005-SA#042]-MultiplevulnerabilitiesinCopperminePhotoGallery1.3.2
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111402186304179&w;=2