Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:45 p.m.9 views

CVE-2005-1881

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code...

7.5CVSS7.8AI score0.03429EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:45 p.m.10 views

CVE-2005-1886

Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...

4.3CVSS5.8AI score0.01911EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:43 p.m.7 views

CVE-2005-1884

Directory traversal vulnerability in the 1 rmdir or 2 mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. dot dot in the dir parameter...

6.4CVSS7.3AI score0.02569EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1886

Malware in sbrugna...

6.4CVSS6.4AI score0.02569EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1885

Malware in sbrugna...

5CVSS6.4AI score0.01548EPSS
Exploits1References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

Yapig 0.9x Thanks_comment.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19709/info Yapig is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. This may let an attacker steal cookie-based authentication credentials and launch other attacks...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/08/29 4:0 a.m.20 views

CVE-2005-2736

Cross-site scripting XSS vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...

5.7AI score0.01296EPSS
Exploits0References6
exploitpack
exploitpack
added 2005/06/06 12:0 a.m.9 views

YaPiG 0.9x - view.php Cross-Site Scripting

YaPiG 0.9x - view.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13875/info YaPiG is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2004/10/18 12:0 a.m.531 views

[SA12858] YaPiG comments Cross-Site Scripting Vulnerability

TITLE: YaPiG comments Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12858 VERIFY ADVISORY: http://secunia.com/advisories/12858/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: YaPiG 0.x http://secunia.com/product/3795/ DESCRIPTION: A vulnerability has...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2004/07/07 12:0 a.m.26 views

YaPiG 0.92 - Remote Server-Side Script Execution

YaPiG 0.92 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack if sanitization of user-supplie...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/07 12:0 a.m.27 views

YaPiG 0.92 - Remote Server-Side Script Execution

source: https://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack if sanitization of user-supplied data. It is reported that an attacker may be ab...

7.4AI score
Exploits0
Rows per page
Query Builder