Elcom CMS versions prior to 10.7 are vulnerable to SQL injection via EventSearchByState.aspx and EventSearchAdv.aspx.
elcom elcom cms 10.7