Secunia Security Advisory – petros has discovered some vulnerabilities in zenphoto, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and SQL injection attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/79348/sa35863.txt
Source: https://packetstormsecurity.com/files/79348/Secunia-Security-Advisory-35863.html