MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do.