VULHUB ™

YaPig is a Web-based image gallery application. Reportedly, it contains a flaw which will allow a malicious user to view images in password-protected directories. When viewing the HTML source created by the application, one may note that the full paths to image files are disclosed, resulting in unauthorized access to sensitive information.

YaPig is a Web-based image gallery application. Reportedly, it contains a flaw which will allow a malicious user to view images in password-protected directories. When viewing the HTML source created by the application, one may note that the full paths to image files are disclosed, resulting in unauthorized access to sensitive information.