Vulnerabilities > CVE-2005-1884 - Directory Traversal vulnerability in Yapig 0.92B/0.93U/0.94U
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | YaPiG 0.9x Upload.PHP Directory Traversal Vulnerability. CVE-2005-1884. Webapps exploit for php platform |
id | EDB-ID:25794 |
last seen | 2016-02-03 |
modified | 2005-06-06 |
published | 2005-06-06 |
reporter | anonymous |
source | https://www.exploit-db.com/download/25794/ |
title | YaPiG 0.9x Upload.PHP Directory Traversal Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | YAPIG_MULTIPLE_FLAWS.NASL |
description | The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws : - Remote and local file inclusion. - Cross-site scripting and HTML injection flaws through |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18523 |
published | 2005-06-17 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18523 |
title | YaPiG < 0.95b Multiple Vulnerabilities |