CVE-2005-1881

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code...

CVE-2005-1886

Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...

CVE-2005-1884

Directory traversal vulnerability in the 1 rmdir or 2 mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. dot dot in the dir parameter...

EUVD-2005-1887

Malware in sbrugna...

EUVD-2005-1888

Malware in sbrugna...

EUVD-2005-1885

Malware in sbrugna...

EUVD-2005-1886

Malware in sbrugna...

EUVD-2005-1884

Malware in sbrugna...

EUVD-2005-4793

Malware in sbrugna...

EUVD-2006-4409

Malware in sbrugna...

EUVD-2005-2737

Malware in sbrugna...

CVE-2005-1883

global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASEDIR parameter...

YaPiG 0.9x View.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13875/info YaPiG is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

YaPiG 0.9x Remote and Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13874/info YaPiG is affected by remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

YaPig 0.94.0u - Remote File Inclusion Vulnerability

No description provided by source. |=-----------------------------------------------------=| |=-------------= JIKO |No-exploit.Com| =-----------=| |=-----------------------------------------------------=| -----------|00| NAme :JIKO JAWAD Home :No-exploit.Com Mail : !x! -----------|01| -Script nam...

YaPig 0.95 b view.php img_size Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15092/info Yapig is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Yapig 0.9x Thanks_comment.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19709/info Yapig is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. This may let an attacker steal cookie-based authentication credentials and launch other attacks...

YaPiG 0.9x Upload.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13877/info YaPiG is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An authorized user can add and delete arbitrary directories...

YaPiG 0.92 Remote Server-Side Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack if sanitization of user-supplied data. It is...

YaPiG 0.95 Cross Site Scripting

Vulnerability ID: HTB22962 Reference: http://www.htbridge.ch/advisory/multiplexssinyapig.html Product: YaPiG Yet Another PHP Image Gallery Vendor: http://yapig.sourceforge.net/ http://yapig.sourceforge.net/ Vulnerable Version: 0.95 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cross...