lmxcms v1.4.1 exists to contain a SQL injection vulnerability via the setbook parameter at index.php.
lmxcms lmxcms 1.4.1