PT-2005-5462 · Yapig · Yet Another Php Image Gallery

Published

2005-12-31

Updated

2017-07-20

CVE-2005-4800

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Yet Another PHP Image Gallery (YaPIG) versions 0.95b and earlier

Description A direct static code injection issue allows remote authenticated administrators to inject arbitrary PHP code via the TestGallery parameter in a mod info action to modify gallery.php, which inserts the code into guid info.php. This issue is easier to exploit due to a separate CSRF vulnerability.

Recommendations For Yet Another PHP Image Gallery (YaPIG) versions 0.95b and earlier, avoid using the TestGallery parameter in the mod info action to modify gallery.php until a fix is available. As a temporary workaround, consider restricting access to the modify gallery.php and guid info.php files to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4800

Affected Products

Yet Another Php Image Gallery

PT-2005-5462 · Yapig · Yet Another Php Image Gallery

CVE-2005-4800

Related Identifiers

Affected Products

References · 6