Summary: MKCMS V5.0 has SQL injection via the bplay.php play parameter.Published: Tuesday, April 2, 2019 - 15:29cvss: