CVE-2005-1882

Properties

Published:
08.06.2005
Updated:
28.09.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
YaPiG: YaPiG
YaPiG: YaPiG

Vulnerability description

PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter.

References:

MISC: http://secwatch.org/advisories/secwatch/20050530_yapig.txt
OSVDB: http://www.osvdb.org/17117
SECUNIA: http://secunia.com/advisories/15600/
SECTRACK: http://securitytracker.com/id?1014103