info
discussion
exploit
solution
references
Yapig View.PHP Cross-Site Scripting Vulnerability
No exploit is required.
An example has been provided:
http://www.example.com/path-to-yapig/view.php?gid=1&phid=1&img_size=><script>alert('hi')</script>
Privacy Statement
Copyright 2010, SecurityFocus
