A input validation error vulnerability in 4images 1.7 - 1.7.9 has been found.
To fix this:
in download.php
find
$file = array();
and replace with
$file = array();
$file_path = null;
$file_name = null;
and find
while ($image_row = $site_db->fetch_array($result)) {
and replace with
while ($image_row = $site_db->fetch_array($result)) {
$file_path = null;
$file_name = null;