cpe:/a:kwsphp:kwsphp CVE-2008-1758 2008-04-12T16:05:00.000-04:00 2017-09-28T21:30:51.113-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-04-14T10:32:00.000-04:00 ALLOWS_OTHER_ACCESS BID 28738 SECUNIA 29664 EXPLOIT-DB 5353 XF concoursphoto-cid-sql-injection(41636) SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.