8 matches found
CVE-2026-30462
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal...
CVE-2026-30462
This CVE covers a path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 . Connected sources consistently identify the issue as a directory traversal risk within the Blocks component, affecting FuelCMS’s Blocks controller (e.g., Blocks.php). No concrete exploitation d...
CVE-2026-30462
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal...
CVE-2026-30459
An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...
EUVD-2026-22976
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the /controllers/Installer.php and the function addgitsubmodule...
CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component...
CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component...
PT-2026-28400
Name of the Vulnerable Software and Affected Versions Daylight Studio FuelCMS version 1.5.2 Description FuelCMS version 1.5.2 contains a SQL injection issue through the /controllers/Login.php component. The vulnerability is located in the /controllers/Login.php component and allows for potential...