Fuel CMS Brute Force Hacking Vulnerability

FUEL CMS is a CodeIgniter-based content management system. A brute-force cracking vulnerability exists in fuel/modules/fuel/controllers/Login.php in Fuel CMS version 1.5.0. An attacker can use this vulnerability to brute-force the administrator's email address...

FUEL CMS SQL Injection Vulnerability (CNVD-2021-93894)

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in Fuel CMS version 1.5.0. The vulnerability can be exploited to conduct SQL injection attacks via the col parameter in /fuel/index.php/fuel/pages/items...

FUEL CMS Cross-site Request Forgery Vulnerability (CNVD-2021-93893)

FUEL CMS is a CodeIgniter-based content management system. a cross-site request forgery vulnerability exists in login.php in FUEL CMS version 1.5.0. No details of the vulnerability are provided at this time...

FUEL-CMS 访问控制错误漏洞

FUEL CMS is a CodeIgniter-based content management system. A brute-force cracking vulnerability exists in fuel/modules/fuel/controllers/Login.php in Fuel CMS version 1.5.0. An attacker can use this vulnerability to brute-force the administrator's email address...

FUEL CMS SQL注入漏洞

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in Fuel CMS version 1.5.0. The vulnerability can be exploited to conduct SQL injection attacks via the col parameter in /fuel/index.php/fuel/pages/items...

FUEL CMS 跨站请求伪造漏洞

FUEL CMS is a CodeIgniter-based content management system. a cross-site request forgery vulnerability exists in login.php in FUEL CMS version 1.5.0. No details of the vulnerability are provided at this time...

FUEL CMS 注入漏洞

FUEL CMS is a content management system CMS based on the Codelgniter framework. A security vulnerability exists in FUEL CMS, which can be exploited by attackers to conduct phishing and other attacks using a man-in-the-middle...

Laravel v5.1 suffers from a deserialization vulnerability

Laravel is a free and open source PHP web framework created by Taylor Otwell, designed to implement the MVC architecture of web software and serve as an alternative to CodeIgniter. Laravel v5.1 suffers from a deserialization vulnerability that can be exploited by an attacker to gain server...

Arbitrary File Deletion Vulnerability in CodeIgniter

CodeIgniter is a PHP framework. CodeIgniter has an arbitrary file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files...

CodeIgniter has a file read vulnerability

CodeIgniter is a small but powerful PHP framework. CodeIgniter has a file read vulnerability that can be exploited by an attacker to obtain sensitive information...

FUEL CMS Elevation of Privilege Vulnerability

FUEL CMS is a content management system based on CodeIgniter. An elevation of privilege vulnerability exists in FUEL CMS 1.4.7. The vulnerability can be exploited to gain super administrator privileges via the "id" and "fuelid" parameters...

FUEL CMS Cross-Site Scripting Vulnerability (CNVD-2021-17199)

FUEL CMS is a content management system based on CodeIgniter. A cross-site scripting vulnerability exists in FUEL CMS 1.4.7. An attacker can exploit this vulnerability to conduct cross-site scripting attacks bypassing filters via /fuelCM/fuel/pages/edit/1?lang=english...

FUEL CMS SQL Injection Vulnerability (CNVD-2021-17201)

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in the 'fuelreplaceid' parameter in pages/replace/1 in FUEL CMS 1.4.8. An attacker could use this vulnerability to corrupt the application, access or modify data, or exploit a potential vulnerabilit...

FUEL CMS Cross-Site Request Forgery Vulnerability (CNVD-2021-17202)

FUEL CMS is a content management system based on CodeIgniter. A cross-site request forgery vulnerability exists in FUEL CMS 1.4.13. An attacker can exploit the vulnerability by deleting a page via the post ID of /pages/delete/3...

FUEL CMS 安全漏洞

FUEL CMS is a content management system based on CodeIgniter. An elevation of privilege vulnerability exists in FUEL CMS 1.4.7. The vulnerability can be exploited to gain super administrator privileges via the "id" and "fuelid" parameters...

FUEL CMS SQL注入漏洞

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in the 'fuelreplaceid' parameter in pages/replace/1 in FUEL CMS 1.4.8. An attacker could use this vulnerability to corrupt the application, access or modify data, or exploit a potential vulnerabilit...

FUEL CMS Cross-Site Scripting Vulnerability (CNVD-2021-02035)

FUEL CMS is a content management system based on CodeIgniter. A stored cross-site scripting vulnerability exists in the Blocks/Navigation/Site variable in FUEL CMS 1.4.11. An attacker can exploit this vulnerability to steal cookies...

FUEL CMS SQL Injection Vulnerability (CNVD-2021-02034)

FUEL CMS is a content management system based on CodeIgniter. FUEL CMS 1.4.11 suffers from a SQL injection vulnerability. The vulnerability can be exploited by an attacker via the 'name' parameter in /fuel/permissions/create/ to compromise an application, access or modify data, or exploit a...

FUEL CMS SQL注入漏洞

FUEL CMS is a content management system based on CodeIgniter. FUEL CMS 1.4.11 suffers from a SQL injection vulnerability. The vulnerability can be exploited by an attacker via the 'name' parameter in /fuel/permissions/create/ to compromise an application, access or modify data, or exploit a...

FUEL CMS 1.4.8 suffers from SQL Injection Vulnerability

FUELCMS is a CMS system based on the Codeigniter framework. FUEL CMS 1.4.8 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...