8 matches found
SUSE CVE-2017-11631
dapur/app/appuser/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter...
Fiyo CMS SQL Injection Vulnerability (CNVD-2018-00247)
Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the /system/site.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit the vulnerability to retrieve data from the database...
Fiyo CMS dapur/apps/app_article/sys_article.php file SQL injection vulnerability
Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the dapur/apps/apparticle/sysarticle.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
CVE-2017-11417
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/controller/articlestatus.php via $GET'id'...
Fiyo CMS SQL Injection Vulnerability (CNVD-2017-23890)
Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the /apps/apparticle/controller/editor.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of $POST'id'...
CVE-2017-11354
Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/apparticle/sysarticle.php via the name parameter in editing or adding a tag name...
Fiyo CMS Cross-Site Scripting Vulnerability (CNVD-2016-03509)
Fiyo CMS is a content management system. Fiyo CMS fails to properly filter user-submitted "name" POST parameter data, which allows remote attackers to execute arbitrary HTML and script code in the affected browsers...
Fiyo CMS Access Control Bypass Vulnerability
Fiyo CMS is small business phone service and mobile collaboration tool. Fiyo CMS suffers from access control bypass vulnerabilities. An attacker could exploit these vulnerabilities to perform unauthorized operations...