SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote malicious users to execute arbitrary SQL commands via the albumid parameter.
bjsintay sitex 0.7.4