Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. Date published : 2017-10-31 https://www.exploit-db.com/exploits