CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.
chshcms cscms music portal system 4.2