FUEL CMS is a content management system (CMS) based on the Codelgniter framework. FUEL CMS version 1.5.0 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in parameter col in /FUEL/index.php/FUEL/logs/items of the software, which could be used by attackers to exploit the vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
daylight studio fuel cms | eq | 1.5.0 |