Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities - CVE-2015-6528

Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username (2) admin_password (3) admin_email (4) dbserver (5) dbname (6) dbuser (7) dbpass (8) table_prefix or (9) impath parameter.