First published: Thu Sep 09 2021(Updated: )
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TheDayLightStudio Fuel CMS | =1.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-38723 is a vulnerability in FUEL CMS 1.5.0 that allows SQL Injection via the 'col' parameter in /fuel/index.php/fuel/pages/items.
CVE-2021-38723 has a severity rating of 8.8 (high).
CVE-2021-38723 affects FUEL CMS versions 1.5.0.
Yes, a fix for CVE-2021-38723 is available. Please refer to the official GitHub issue for more information.
You can find more information about CVE-2021-38723 in the official GitHub issue linked in the references.