CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yapig: >> Yapig >> 0.95b Security Vulnerabilities

CVE-2007-4951

PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG_PATH parameter. NOTE: this issue has been disputed by CVE, since YAPIG_PATH is defined before use

CVSS Score

6.8

EPSS Score

0.005

Published

2007-09-18

CVE-2006-4421

Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP Image Gallery (YaPIG) 0.95b allows remote attackers to inject arbitrary web script or HTML via the D_REFRESH_URL parameter.

CVSS Score

4.3

EPSS Score

0.029

Published

2006-08-29

CVE-2005-2736

Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

CVSS Score

4.3

EPSS Score

0.005

Published

2005-08-30

Page 1

Vulnerabilities

Vulnerable Software

Yapig: >> Yapig >> 0.95b Security Vulnerabilities

Products

Pricing

Contact Us