2 matches found
CVE-2005-1886
Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...
CVE-2005-4799
Multiple cross-site scripting XSS vulnerabilities in Yet Another PHP Image Gallery YaPIG 0.95b and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the Homepage field aka the Website field in an "image-related comment" and 2 the imgsize field in view.php. NOTE: due to...