Cuppa CMS v1.0 exists to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter.
cuppacms cuppacms 1.0