 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.18523 |
| Categoría: | Web application abuses |
| Título: | YaPiG Multiple Flaws |
| Resumen: | The remote web server contains a PHP application that is affected by;multiple flaws.;;Description :;;The remote host is running YaPiG, a web-based image gallery written in;PHP.;;The installed version of YaPiG is vulnerable to multiple flaws:;; - Remote and local file inclusion.;; - Cross-site scripting and HTML injection flaws through 'view.php'.;; - Directory traversal flaw through 'upload.php'. |
| Descripción: | Summary: The remote web server contains a PHP application that is affected by multiple flaws. Description : The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws: - Remote and local file inclusion. - Cross-site scripting and HTML injection flaws through 'view.php'. - Directory traversal flaw through 'upload.php'. Solution: Update to YaPiG 0.95b or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-1881 http://secwatch.org/advisories/secwatch/20050530_yapig.txt http://www.osvdb.org/17115 http://securitytracker.com/id?1014103 http://secunia.com/advisories/15600/ Common Vulnerability Exposure (CVE) ID: CVE-2005-1882 http://www.osvdb.org/17117 Common Vulnerability Exposure (CVE) ID: CVE-2005-1883 http://www.osvdb.org/17116 Common Vulnerability Exposure (CVE) ID: CVE-2005-1884 BugTraq ID: 13877 http://www.securityfocus.com/bid/13877 http://www.osvdb.org/17120 Common Vulnerability Exposure (CVE) ID: CVE-2005-1885 http://www.osvdb.org/17119 Common Vulnerability Exposure (CVE) ID: CVE-2005-1886 BugTraq ID: 13875 http://www.securityfocus.com/bid/13875 BugTraq ID: 13876 http://www.securityfocus.com/bid/13876 http://www.osvdb.org/17118 |
| Copyright | Copyright (C) 2005 David Maciejak |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |