mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain privileges.Referenceshttp://securityreason.com/securityalert/2272http://forums.avenir-geopolitique.net/viewtopic.php?t=2677http://www.securityfocus.com/archive/1/460402/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/32562http://osvdb.org/33740
