SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter.
s-cms s-cms 3.0