Moroccan Security Team (|ucif3r) Greetz To All Freind Phpwebgallery 1.4.1 is vulnerable to SQL Injection Attacks The flaw is due to input validation errors in the "category.php" script when handling the "search"variables, which could be exploited by malicious people to conduct SQL injection attacks. Exploit: http://localhost/phpwebgallery/category.php?cat=search&search=[SQL] t4h4[at]linuxmail[dot]com :D