Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection. This issue affects CM News: through 6.0. NOTE: The vendor was contacted and it was learned that the product is not supported.
https://www.usom.gov.tr/bildirim/tr-25-0072
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0072