CVE-2009-2396
CVE-2009-2396 affects DM Albums 1.9.2 (standalone or as a WordPress plugin). The vulnerability is a PHP remote file inclusion in template/album.php that allows an attacker to execute arbitrary code via a URL in the SECURITY_FILE parameter. Impact is consistent with a full compromise of affected s...