CVE-2026-3013

UNKNOWN 0.0

Path Traversal in Coppermine Photo Gallery

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Coppermine Photo Gallery in versions 1.6.09 through 1.6.27 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow to read content of any file accessible by the the web server process.This issue was fixed in version 1.6.28.

CWE	CWE-22
Vendor	coppermine photo gallery
Product	coppermine photo gallery
Published	Mar 11, 2026
Last Updated	Mar 11, 2026

Stay Ahead of the Next One

Get instant alerts for coppermine photo gallery coppermine photo gallery

Be the first to know when new unknown vulnerabilities affecting coppermine photo gallery coppermine photo gallery are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Coppermine Photo Gallery / Coppermine Photo Gallery

1.6.09 < 1.6.28

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert.pl: https://cert.pl/en/posts/2026/03/CVE-2026-3013 github.com: https://github.com/coppermine-gallery/cpg1.6.x/releases/tag/v1.6.28

Credits

Jan Paweł Klim