SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote malicious user to execute arbitrary code via basic_title parameter.
mingsoft mcms 4.7.2