CVE-2017-15984

Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.