Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.Referenceshttps://github.com/thedigicraft/Atom.CMS/issues/257
