Full title: ZenPhoto v1.4.4 (SQLi/Disclosure) Multiple Vulnerabilities 
Category: web applications
Platform: php
ZenPhoto version 1.4.4 is suffer from multiple vulnerabilities
 remote attacker can use some MySQL bug in (&date=) and exploit it
as SQL Injection ,and access to some files and get errors with the
Full Path of this files and use it to disclosure the target full path.

# 0day.today @ http://0day.today/