Emlog v6.0 exists to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().
emlog emlog 6.0.0