Subrion CMS prior to 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.
intelliants subrion cms