EmpireCMS v7.5 exists to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php.
leadscloud empirecms 7.5