SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote malicious users to execute arbitrary SQL commands via the album parameter.
kwsphp kwsphp 1.0