Month Of Abysssec Undisclosed Bugs – ndCMS (Nickel and Dime CMS) version 0.4rc1 suffers from a remote SQL injection vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/94289/moaub27-ndcms.pdf
Source: https://packetstormsecurity.com/files/94289/Month-Of-Abysssec-Undisclosed-Bugs-Nickel-And-Dime-CMS-0.4rc1.html