Cross-site scripting (XSS) vulnerability in search.php in EncapsGallery 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/41948
http://www.securityfocus.com/bid/28887
http://www.encaps.net/software/encapsgallery/download-image-album.php