Atom CMS v2.0 exists to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
thedigitalcraft atomcms 2.0