emlog v2.1.9 exists to contain a SQL injection vulnerability via the component /admin/user.php.
emlog emlog 2.1.9