Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-74294
HistorySep 12, 2021 - 12:00 a.m.

FUEL CMS SQL Injection Vulnerability (CNVD-2021-74294)

2021-09-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
5

0.002 Low

EPSS

Percentile

61.0%

JSON

FUEL CMS is a content management system (CMS) based on the Codelgniter framework. FUEL CMS version 1.5.0 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in parameter col in /FUEL/index.php/FUEL/logs/items of the software, which could be used by attackers to exploit the vulnerability to execute illegal SQL commands to steal sensitive database data.

CPENameOperatorVersion
daylight studio fuel cmseq1.5.0

Related

cve 1
osv 1
cvelist 1
nvd 1
checkpoint_advisories 1
prion 1
cve
cve
CVE-2021-38727
2021-09-09 16:15:09
osv
osv
CVE-2021-38727
2021-09-09 16:15:09
cvelist
cvelist
CVE-2021-38727
2021-09-09 15:14:08
nvd
nvd
CVE-2021-38727
2021-09-09 16:15:09
checkpoint_advisories
checkpoint_advisories
FUEL CMS SQL Injection (CVE-2021-38727)
2021-10-20 00:00:00
prion
prion
Sql injection
2021-09-09 16:15:00

0.002 Low

EPSS

Percentile

61.0%

JSON
Related for CNVD-2021-74294
cve1osv1cvelist1nvd1checkpoint_advisories1prion1