Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.Referenceshttps://github.com/yanchongchong/swallow/issues/13
