Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.18523 |
Kategorie: | Web application abuses |
Titel: | YaPiG Multiple Flaws |
Zusammenfassung: | The remote web server contains a PHP application that is affected by;multiple flaws.;;Description :;;The remote host is running YaPiG, a web-based image gallery written in;PHP.;;The installed version of YaPiG is vulnerable to multiple flaws:;; - Remote and local file inclusion.;; - Cross-site scripting and HTML injection flaws through 'view.php'.;; - Directory traversal flaw through 'upload.php'. |
Beschreibung: | Summary: The remote web server contains a PHP application that is affected by multiple flaws. Description : The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws: - Remote and local file inclusion. - Cross-site scripting and HTML injection flaws through 'view.php'. - Directory traversal flaw through 'upload.php'. Solution: Update to YaPiG 0.95b or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
BugTraq ID: 13871 BugTraq ID: 13874 BugTraq ID: 13875 BugTraq ID: 13876 BugTraq ID: 13877 Common Vulnerability Exposure (CVE) ID: CVE-2005-1881 http://secwatch.org/advisories/secwatch/20050530_yapig.txt http://www.osvdb.org/17115 http://securitytracker.com/id?1014103 http://secunia.com/advisories/15600/ Common Vulnerability Exposure (CVE) ID: CVE-2005-1882 http://www.osvdb.org/17117 Common Vulnerability Exposure (CVE) ID: CVE-2005-1883 http://www.osvdb.org/17116 Common Vulnerability Exposure (CVE) ID: CVE-2005-1884 http://www.securityfocus.com/bid/13877 http://www.osvdb.org/17120 Common Vulnerability Exposure (CVE) ID: CVE-2005-1885 http://www.osvdb.org/17119 Common Vulnerability Exposure (CVE) ID: CVE-2005-1886 http://www.securityfocus.com/bid/13875 http://www.securityfocus.com/bid/13876 http://www.osvdb.org/17118 |
Copyright | Copyright (C) 2005 David Maciejak |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |