S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
s-cms s-cms 1.0