Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
kickstarter clone script project kickstarter clone script 2.0