CVE-2017-11324
CVE-2017-11324 (Tilde CMS 1.0.1) : A SQL injection exists in the class.SystemAction.php file due to missing escaping of the backtick character. An attacker can trigger the vulnerability via a POST request to /actionphp/action.input.php with the id parameter, potentially allowing arbitrary SQL com...