upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T23:40:55.265Z
Reserved: 2005-06-07T04:00:00Z
Link: CVE-2005-1881

No data.

Status : Modified
Published: 2005-06-06T04:00:00.000
Modified: 2024-11-20T23:58:20.210
Link: CVE-2005-1881

No data.