The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page.
victor cms project victor cms 1.0