CVE-2005-1881
YaPiG 0.92b, 0.93u, 0.94u - Unauthenticated Arbitrary File Upload via upload.php
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-1881. PoCs published by anonymous.
AI-analyzed exploit summary The exploit describes remote and local file include vulnerabilities in YaPiG due to improper input sanitization. It provides example URLs to exploit the vulnerabilities in versions 0.92b, 0.93u, and 0.94u.
Description
upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code.
Exploits (1)
The exploit describes remote and local file include vulnerabilities in YaPiG due to improper input sanitization. It provides example URLs to exploit the vulnerabilities in versions 0.92b, 0.93u, and 0.94u.