SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php.
victor cms project victor cms 1.0