iCMS v7.0.16 exists to contain a SQL injection vulnerability via the where parameter at admincp.php.
idreamsoft icms 7.0.16