CVE-2005-4799

Published: 31/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the Homepage field (aka the Website field) in an "image-related comment" and (2) the img_size field in view.php. NOTE: due to lack of details from the researcher, it is not clear whether the comment vector overlaps CVE-2005-1886.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yapig yapig 0.94u
yapig yapig 0.95
yapig yapig 0.92b
yapig yapig 0.93u
yapig yapig

source: wwwsecurityfocuscom/bid/15092/info Yapig is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected sit ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2005-10/0161.html http://www.seclab.tuwien.ac.at/advisories/TUVSA-0510-001.txt http://www.securityfocus.com/bid/15092 http://www.securityfocus.com/bid/15095 http://www.osvdb.org/19958 http://www.osvdb.org/19959 http://secunia.com/advisories/17041 https://exchange.xforce.ibmcloud.com/vulnerabilities/22752 https://exchange.xforce.ibmcloud.com/vulnerabilities/22750 https://nvd.nist.gov https://www.exploit-db.com/exploits/26345/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4799

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect