Vulnerability Details : CVE-2005-4800
Direct static code injection vulnerability in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allows remote authenticated administrators to inject arbitrary PHP code via the TestGallery parameter in a mod_info action to modify_gallery.php, which inserts the code into guid_info.php. NOTE: this issue is easier to exploit due to a separate CSRF vulnerability.
Vulnerability category: Cross-site request forgery (CSRF)
Exploit prediction scoring system (EPSS) score for CVE-2005-4800
0.85%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less