diff --git a/mod/photos.php b/mod/photos.php
index b18c06e2a3..6a84e61388 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -1027,6 +1027,10 @@ function photos_content(App $a)
 // Display a single photo album
 if ($datatype === 'album') {
+ // if $datum is not a valid hex, redirect to the default page
+ if (!Strings::isHex($datum)) {
+ $a->internalRedirect();
+ }
 $album = hex2bin($datum);
 $total = 0;
diff --git a/src/Util/Strings.php b/src/Util/Strings.php
index 3f8990d6c1..14fbde899c 100644
--- a/src/Util/Strings.php
+++ b/src/Util/Strings.php
@@ -31,6 +31,18 @@ class Strings
 return $return;
 }
 
+ /**
+ * Checks, if the given string is a valid hexadecimal code
+ *
+ * @param string $hexCode
+ *
+ * @return bool
+ */
+ public static function isHex($hexCode)
+ {
+ return @preg_match("/^[a-f0-9]{2,}$/i", $hexCode) && !(strlen($hexCode) & 1);
+ }
+
 /**
 * @brief This is our primary input filter.
 *
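Review bot: The guard relies on `$a->internalRedirect()` never returning; if it does return (nothing follows it in the added block), `hex2bin($datum)` on the next line still runs on the rejected input and the album is rendered alongside the redirect. If internalRedirect() terminates the request, say so at the call site, e.g. `// internalRedirect() ends the request; nothing below runs for invalid input`; otherwise the block needs an explicit early exit after the redirect. The hunk also calls `Strings::isHex` but no `use` import for the Strings class is visible, so confirm mod/photos.php already imports it. photos_content() starts and continues outside the hunk, and any other branch of it that decodes `$datum` would need the same check.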
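Review bot: The `@` in `@preg_match(...)` suppresses errors that a constant, valid pattern cannot raise, while hiding the one real failure mode (a non-string `$hexCode` triggering a warning or TypeError), so the suppression should be dropped. The even-length test can be folded into the pattern so one expression states the whole contract and returns a real bool rather than an int-and-bool, `return (bool) preg_match('/^(?:[a-f0-9]{2})+$/i', $hexCode);`. The docblock should spell out what "valid" means here — non-empty, even length, hex digits only, i.e. safe to pass to hex2bin() — and, if the project targets PHP 7 or later, the signature should carry native types, `public static function isHex(string $hexCode): bool`.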