Rukovoditel v3.2.1 exists to contain a SQL injection vulnerability via the heading_field_id parameter.
rukovoditel rukovoditel 3.2.1