Chamilo LMS v1.11.13 exists to contain a SQL injection vulnerability via the blog_id parameter at /blog/blog.php.
chamilo chamilo lms