SQL injection vulnerability in gallery/view.asp in A Better Member-Based ASP Photo Gallery before 1.2 allows remote attackers to execute arbitrary SQL commands via the entry parameter.
https://www.exploit-db.com/exploits/8012
https://exchange.xforce.ibmcloud.com/vulnerabilities/48612
http://www.ontarioabandonedplaces.com/ipguardian/gallery/readme.txt