Unrated severityNVD Advisory· Published Oct 21, 2008· Updated Jun 16, 2026
CVE-2008-4626
CVE-2008-4626
Description
Directory traversal vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 and possibly other versions through 2.3.3-beta0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the album parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:zirkon_box:yappa-ng:2.3.2:*:*:*:*:*:*:*
- Range: 2.3.2 - 2.3.3-beta0
- Range: 2.3.2 - 2.3.3-beta0
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.