PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the config[path_src_include] parameter.
Max CVSS
6.8
EPSS Score
0.76%
Published
2007-11-15
Updated
2008-11-15
PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
Max CVSS
7.5
EPSS Score
6.37%
Published
2005-04-24
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.24%
Published
2005-05-02
Updated
2008-09-05
3 vulnerabilities found