SQL Injection vulnerability in flatCore version 1.4.6 allows an malicious user to read and write to the users database.
flatcore flatcore-cms 1.4.6