2018-12-28 17:29:05 2019-01-28 21:51:00

Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.