CVE-2018-17410

Horus CMS allows SQL Injection, as demonstrated by a request to the /busca or /home URI.