H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID.
https://www.hhg-multistore.com/
https://github.com/blockomat2100/PoCs/blob/main/hhg_multistore/exploit_hhg_multistore.md