EIP-2026-109518

This exploit demonstrates a SQL injection vulnerability in MMHAQ CMS, allowing an attacker to extract database version information via a crafted URL parameter. The PoC can be extended to dump sensitive data such as admin credentials.