Victor CMS v1.0 exists to contain a SQL injection vulnerability that allows malicious users to inject arbitrary commands via 'user_firstname' parameter.
victor cms project victor cms 1.0