A SQL injection vulnerability in "/music/ajax.php?motion=find_music" in Kashipara Music Management method v1.0 lets an attacker to execute arbitrary SQL commands via the "search" parameter. A vulnerability was found in https://www.ralantech.com/mysql-database-health-check-consulting-service/