SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter.Referenceshttp://www.securityfocus.com/bid/31085http://securityreason.com/securityalert/4330https://www.exploit-db.com/exploits/6411https://exchange.xforce.ibmcloud.com/vulnerabilities/45017
