2007-08-08 23:00:00
mitre
PUBLISHED
EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote attackers to access arbitrary galleries by specifying this username.