| VID |
21663 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to its version number, the installed YaPiG has multiple vulnerabilities. YaPiG (Yet Another PHP Image Gallery) is open source image gallery software written in PHP. YaPiG versions 0.92b, 0.93u, and 0.94u are affected by the following vulnerabilities:
1) YaPiG Upload.PHP Remote Arbitrary File Upload Vulnerability
2) YaPiG Remote and Local File Include Vulnerabilities
3) YaPiG View.PHP Cross-Site Scripting Vulnerability
4) YaPiG View.PHP Multiple HTML Injection Vulnerabilities
5) YaPiG Upload.PHP Directory Traversal Vulnerability
An attacker who successfully exploited the most severe of these vulnerabilities could execute malicious script code on a vulnerable server with the privileges of the web server.
* Note: This check relies solely on the version number of the YaPiG software installed on the remote web server to assess this vulnerability, so the result might be a false positive.
* References:
http://www.securitytracker.com/alerts/2005/Jun/1014103.html
http://www.osvdb.org/displayvuln.php?osvdb_id=17115
http://www.osvdb.org/displayvuln.php?osvdb_id=17116
http://www.osvdb.org/displayvuln.php?osvdb_id=17117
http://www.osvdb.org/displayvuln.php?osvdb_id=17118
http://www.osvdb.org/displayvuln.php?osvdb_id=17119
http://www.osvdb.org/displayvuln.php?osvdb_id=17120
http://www.osvdb.org/displayvuln.php?osvdb_id=17121
* Platforms Affected:
SourceForge.net, YaPiG versions 0.92b, 0.93u, and 0.94u
Any operating system, any version |
| Recommendation |
Upgrade to the latest version of YaPiG (0.95 or later), available from the YaPiG home page at http://yapig.sourceforge.net/index.php |
| Related URL |
CVE-2005-1881, CVE-2005-1882, CVE-2005-1883, CVE-2005-1884, CVE-2005-1885, CVE-2005-1886 (CVE) |
| Related URL |
13871, 13874, 13875, 13876, 13877 (SecurityFocus) |
| Related URL |
20900, 20901, 20902, 20903, 20904 (ISS) |
|