SQL injection vulnerability in photos.php in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allows remote attackers to execute arbitrary SQL commands via the album parameter.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/52155http://www.securityfocus.com/bid/35892http://packetstormsecurity.org/0907-exploits/articlepubpro-sql.txthttp://secunia.com/advisories/36066
