GEN:SID 1:2372
Message WEB-PHP Photopost PHP Pro showphoto.php access
Summary This event is generated when an attempt is made to access showphoto.php, a
component of the Photopost PHP web application running on a server.
Impact Unauthorized administrative access to the underlying database.
Detailed Information Photopost is a PHP photo gallery application. It is possible for a
remote attacker to perform SQL queries on the database used by Photopost
that could disclose sensitive information or compromise the data stored
on the server.
Affected Systems Photopost PHP Pro version 4.6 and earlier
Attack Scenarios An attacker can manipulate the photo parameter in the script
showphoto.php to perform SQL queries of their choosing.
Ease of Attack Simple.
Corrective Action Ensure the system is using an up to date version of the software and has
had all vendor supplied patches applied.
Additional References  
Rule References bugtraq: 9557