MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
geniusocean mymagazine magazine \\& blog cms 1.0