2007-08-09 03:00:00
mitre
PUBLISHED
EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote attackers to access arbitrary galleries by specifying this username.