Synopsis
The remote web server contains a script which is vulnerable to a SQL injection attack.
Description
The remote host is running CopperMine Gallery, a set of PHP scripts to handle galleries of pictures. There is a flaw in the version of Coppermine Gallery which is used by the remote host, which may allow an attacker to do a SQL injection attack, which would allow the viewing of arbitrary pictures or even to gain administrative access on this database.
Solution
Upgrade to Coppermine Gallery 1.1 beta 3 or higher.
