2019-09-14 18:15:10 2019-09-16 17:23:57

FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.