Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=add_post. This vulnerability can be exploited th