Vulnerabilities > CVE-2005-1883 - Remote Security vulnerability in Yapig 0.92B
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | CGI abuses |
NASL id | YAPIG_MULTIPLE_FLAWS.NASL |
description | The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws : - Remote and local file inclusion. - Cross-site scripting and HTML injection flaws through |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18523 |
published | 2005-06-17 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18523 |
title | YaPiG < 0.95b Multiple Vulnerabilities |