Lucene search

Yappa-ng Security Vulnerabilities

cve

CVE-2008-6515

Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default...

5.9AI Score

0.002EPSS

2009-03-24 02:30 PM

cve

CVE-2008-6495

Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album...

5.9AI Score

0.003EPSS

2009-03-20 12:30 AM

cve

CVE-2008-4626

Directory traversal vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 and possibly other versions through 2.3.3-beta0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot).....

7.2AI Score

0.029EPSS

2008-10-21 01:18 AM

cve

CVE-2007-5994

PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the config[path_src_include]...

7.5AI Score

0.009EPSS

2007-11-15 10:46 PM

cve

CVE-2005-1311

Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown...

5.7AI Score

0.002EPSS

2005-05-02 04:00 AM

cve

CVE-2005-1312

PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown...

7.6AI Score

0.052EPSS

2005-04-27 04:00 AM