Arashhc

Name of the Vulnerable Software and Affected Versions: HamayeshNegar CMS (affected versions not specified) Description: A SQL injection issue exists in the "signup" component of HamayeshNegar CMS, specifically in the users/signup.php file. This allows a remote attacker to execute arbitrary SQL commands via the `utype` parameter in the "signup" component. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.