CVE-2017-17618
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
Date published : 2017-12-13
https://www.exploit-db.com/exploits/43286/
https://packetstormsecurity.com/files/145326/Kickstarter-Clone-Script-2.0-SQL-Injection.html