CVE-2020-20392

SQL Injection vulnerability in imcat v5.2 via the fm[auser] parameters in coms/add_coms.php.