SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote malicious users to execute arbitrary SQL commands via the Biz_ID parameter.
enthrallweb epages