SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote malicious users to execute arbitrary SQL commands via the image_id parameter.
brandon tallent phptest 0.6.3