Cuppacms · Cuppacms · CVE-2018-19559
**Name of the Vulnerable Software and Affected Versions**
CuppaCMS versions prior to 2018-11-12
**Description**
CuppaCMS is vulnerable to SQL injection in the `administrator/classes/ajax/functions.php` file via the `reference id` parameter.
**Recommendations**
Installations running a version prior to 2018-11-12 should update to a version released after 2018-11-12 to resolve the issue. As a temporary workaround, restrict access to the vulnerable `functions.php` file or avoid using the `reference id` parameter in the affected endpoint until the issue is resolved.