Coppermine 1.4.19 has been released to fix a MySQL injection flaw, again. This is how TimesToCome was hacked last April and why you now have all these shiny new security tools and information on this website.
I went to the Coppermine site only because there was a huge increase in cross site scripting attempts last night on the Coppermine albums.
Anyhow update if you have not.