PHP Yappa-NG Unspecified Remote File Inclusion Vulnerability

Vulnerability Details

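Summary

yappa-ng is a very powerful but easy to install and easy to use online PHP photo album. It supports all operating systems (Linux/UNIX, Windows, MAC, …) and all web servers (Apache, IIS, …), and does not require a database. Every image can be viewed in several different sizes, and thumbnails and all other resized versions are created automatically on the fly. yappa-ng supports password protection for albums, image hit statistics, and image comments.
Versions of Yappa-NG before 2.3.2 contain a PHP remote file inclusion vulnerability that allows a remote attacker to execute arbitrary PHP code via unknown vectors.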

Advisory

The vendor has released an upgrade that fixes this security issue. Download links:
yappa-ng 0.9: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.0: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.1: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.2: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.3: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.4: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.5: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 1.6: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.0.0: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.0.1: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.1.0: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.2.0: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.2.1: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.2.2: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.3.0: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802
yappa-ng 2.3.1: upgrade to yappa-ng 2.3.2, http://sourceforge.net/project/showfiles.php?group_id=70802

References

Source: BID
Name: 13371
Link: http://www.securityfocus.com/bid/13371

Source: SECUNIA
Name: 15107
Link: http://secunia.com/advisories/15107

Source: OSVDB
Name: 15829
Link: http://www.osvdb.org/15829

Source: sourceforge.net
Link: http://sourceforge.net/project/shownotes.php?release_id=323206
