Product
A remote SQL injection vulnerability (CVE-2026-7389) exists in EyouCMS versions up to 1.7.9 due to improper handling of the 'sort_asc' argument in the GetSortData function, potentially allowing attackers to execute arbitrary SQL commands.