Creative Management System CMS Lite version 1.3.1 suffers from a remote SQL injection vulnerability.