Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.18523
Kategorie:Web application abuses
Titel:YaPiG Multiple Flaws
Zusammenfassung:The remote web server contains a PHP application that is affected by;multiple flaws.;;Description :;;The remote host is running YaPiG, a web-based image gallery written in;PHP.;;The installed version of YaPiG is vulnerable to multiple flaws:;; - Remote and local file inclusion.;; - Cross-site scripting and HTML injection flaws through 'view.php'.;; - Directory traversal flaw through 'upload.php'.
Beschreibung:Summary:
The remote web server contains a PHP application that is affected by
multiple flaws.

Description :

The remote host is running YaPiG, a web-based image gallery written in
PHP.

The installed version of YaPiG is vulnerable to multiple flaws:

- Remote and local file inclusion.

- Cross-site scripting and HTML injection flaws through 'view.php'.

- Directory traversal flaw through 'upload.php'.

Solution:
Update to YaPiG 0.95b or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 13871
BugTraq ID: 13874
BugTraq ID: 13875
BugTraq ID: 13876
BugTraq ID: 13877
Common Vulnerability Exposure (CVE) ID: CVE-2005-1881
http://secwatch.org/advisories/secwatch/20050530_yapig.txt
http://www.osvdb.org/17115
http://securitytracker.com/id?1014103
http://secunia.com/advisories/15600/
Common Vulnerability Exposure (CVE) ID: CVE-2005-1882
http://www.osvdb.org/17117
Common Vulnerability Exposure (CVE) ID: CVE-2005-1883
http://www.osvdb.org/17116
Common Vulnerability Exposure (CVE) ID: CVE-2005-1884
http://www.securityfocus.com/bid/13877
http://www.osvdb.org/17120
Common Vulnerability Exposure (CVE) ID: CVE-2005-1885
http://www.osvdb.org/17119
Common Vulnerability Exposure (CVE) ID: CVE-2005-1886
http://www.securityfocus.com/bid/13875
http://www.securityfocus.com/bid/13876
http://www.osvdb.org/17118
CopyrightCopyright (C) 2005 David Maciejak

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.