vendor:
yappa-ng
by:
Vrs-hCk
7.5
CVSS
HIGH
Local File Include
98
CWE
Product Name: yappa-ng
Affected Version From: 2.3.2002
Affected Version To: 2.3.2002
Patch Exists: YES
Related CWE: N/A
CPE: a:zirkon:yappa-ng
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Local File Include Vulnerability
A Local File Include (LFI) vulnerability exists in yappa-ng Version 2.3.2. An attacker can exploit this vulnerability to include local files on the vulnerable system. This can be exploited to disclose sensitive information, execute arbitrary code, and perform other attacks.
Mitigation:
Upgrade to the latest version of yappa-ng.