SQL injection vulnerability in Zenphoto prior to 1.4.9 allow remote administrators to execute arbitrary SQL commands.
zenphoto zenphoto