cpe:/a:kaphotoservice:kaphotoservice CVE-2008-1426 2008-03-20T14:44:00.000-04:00 2017-09-28T21:30:42.113-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-03-20T17:35:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080320 KAPhotoservice (album.asp) Remote SQL Injection Exploit BID 28306 SECUNIA 29433 EXPLOIT-DB 5274 XF kaphotoservice-album-sql-injection(41300) SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter.