upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.Referenceshttps://github.com/bagesoft/bagecms/issues/5
