{"api_version":"1","generated_at":"2026-06-03T21:58:14+00:00","cve":"CVE-2005-3979","urls":{"html":"https://cve.report/CVE-2005-3979","api":"https://cve.report/api/cve/CVE-2005-3979.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-3979","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-3979"},"summary":{"title":"CVE-2005-3979","description":"relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-12-03 19:03:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["CWE-287","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://coppermine-gallery.net/forum/index.php?topic=24217.0","name":"http://coppermine-gallery.net/forum/index.php?topic=24217.0","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2698","name":"http://www.vupen.com/english/advisories/2005/2698","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17855","name":"http://secunia.com/advisories/17855","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"],"title":"Secunia - Advisories - Coppermine Photo Gallery \"relocate_server.php\" Exposure of Configuration","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-3979","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3979","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"3979","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"coppermine-gallery","cpe5":"coppermine_photo_gallery","cpe6":"1.4","cpe7":"beta","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3979","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"coppermine-gallery","cpe5":"coppermine_photo_gallery","cpe6":"1.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T23:31:48.890Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"17855","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17855"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://coppermine-gallery.net/forum/index.php?topic=24217.0"},{"name":"ADV-2005-2698","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2698"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-11-27T00:00:00.000Z","descriptions":[{"lang":"en","value":"relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-04-05T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"17855","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17855"},{"tags":["x_refsource_CONFIRM"],"url":"http://coppermine-gallery.net/forum/index.php?topic=24217.0"},{"name":"ADV-2005-2698","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2698"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-3979","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"17855","refsource":"SECUNIA","url":"http://secunia.com/advisories/17855"},{"name":"http://coppermine-gallery.net/forum/index.php?topic=24217.0","refsource":"CONFIRM","url":"http://coppermine-gallery.net/forum/index.php?topic=24217.0"},{"name":"ADV-2005-2698","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2698"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-3979","datePublished":"2005-12-03T19:00:00.000Z","dateReserved":"2005-12-03T00:00:00.000Z","dateUpdated":"2024-08-07T23:31:48.890Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-12-03 19:03:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["CWE-287","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4:beta:*:*:*:*:*:*","matchCriteriaId":"60C520A7-686D-40AB-A41B-EDDF3EC86819"},{"vulnerable":true,"criteria":"cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"A3BF818D-86E5-4886-9447-FE70CBEAEA0B"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"3979","Ordinal":"1","Title":"CVE-2005-3979","CVE":"CVE-2005-3979","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"3979","Ordinal":"1","NoteData":"relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.","Type":"Description","Title":"CVE-2005-3979"},{"CveYear":"2005","CveId":"3979","Ordinal":"2","NoteData":"2005-12-03","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"3979","Ordinal":"3","NoteData":"2016-04-05","Type":"Other","Title":"Modified"}]}}}