CVE-2005-4801

Published: Dec 31, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow remote attackers to perform unauthorized actions as a logged-in user, as demonstrated by tricking the administrator to access a web page that performs a mod_info action in modify_gallery.php.

Affected (5)

Products: Yapig: Yapig

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Yapig Yapig	Up to 0.95b
Yapig Yapig	Version 0.92b
Yapig Yapig	Version 0.93u
Yapig Yapig	Version 0.94u
Yapig Yapig	Version 0.95

References (10)

http://archives.neohapsis.com/archives/bugtraq/2005-10/0161.html

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/17041

Source: cve@mitre.org

ExploitVendor Advisory

http://securityreason.com/securityalert/79

Source: cve@mitre.org

http://www.seclab.tuwien.ac.at/advisories/TUVSA-0510-001.txt

Source: cve@mitre.org

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/22753

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2005-10/0161.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://secunia.com/advisories/17041

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://securityreason.com/securityalert/79

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.seclab.tuwien.ac.at/advisories/TUVSA-0510-001.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/22753

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.