Victor CMS is an open source content management system by Victor Alagwu, a personal developer in Nigeria. v1.0 of Victor CMS is vulnerable to SQL injection, which originates from the user_name parameter in /includes/login.php, and can be exploited by attackers to inject queries in /CMSsite/ through the user_name parameter. include/login.php to inject queries.