CVE-2007-4951

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions YaPiG version 0.95b

Description A remote file inclusion issue in sample.php allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG PATH parameter.

Recommendations For YaPiG version 0.95b, consider restricting the use of the YAPIG PATH parameter to minimize the risk of exploitation.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-4951

Affected Products

Yapig

CVE-2007-4951

Weakness Enumeration

Related Identifiers

Affected Products

References · 3