Phpwebgallery · Phpwebgallery · CVE-2006-1600
Name of the Vulnerable Software and Affected Versions:
PhpWebGallery version 1.4.1
Description:
A SQL injection vulnerability in the category.php file allows remote attackers to execute arbitrary SQL commands via the `search` parameter.
Recommendations:
For PhpWebGallery version 1.4.1, avoid using the `search` parameter in the category.php file until a patch is available. As a temporary workaround, consider restricting access to the category.php file to minimize the risk of exploitation.