Lucene search
K

60 matches found

Vulnrichment
Vulnrichment
added 2026/03/26 12:0 a.m.2 views

CVE-2026-30458

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack...

5.9AI score0.00357EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28400

Name of the Vulnerable Software and Affected Versions Daylight Studio FuelCMS version 1.5.2 Description FuelCMS version 1.5.2 contains a SQL injection issue through the /controllers/Login.php component. The vulnerability is located in the /controllers/Login.php component and allows for potential...

7.7CVSS5.9AI score0.00309EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/26 12:0 a.m.1 views

CVE-2026-30463

Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component...

6AI score0.00309EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.8 views

PT-2026-28398

Name of the Vulnerable Software and Affected Versions FuelCMS version 1.5.2 Description An issue exists in the /parser/dwoo component that allows attackers to execute arbitrary code through crafted PHP code. The affected component is susceptible to code execution when processing specially designe...

9.8CVSS6.5AI score0.00631EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28399

Name of the Vulnerable Software and Affected Versions Daylight Studio FuelCMS version 1.5.2 Description An issue exists in Daylight Studio FuelCMS version 1.5.2 that allows attackers to obtain users' password reset tokens through a mail splitting attack. A mail splitting attack involves...

9.1CVSS5.8AI score0.00357EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/03/26 12:0 a.m.3 views

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

6.2AI score0.00631EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/26 12:0 a.m.2 views

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

6.2AI score0.00631EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 12:0 a.m.4 views

CVE-2026-30458

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack...

5.8AI score0.00357EPSS
Exploits1References5
CVE
CVE
added 2026/03/26 12:0 a.m.19 views

CVE-2026-30457

CVE-2026-30457 affects Daylight Studio FuelCMS v1.5.2 in the internal /parser/dwoo component. The issue allows attackers to execute arbitrary PHP code through crafted PHP input, indicating a code-execution vulnerability with a high impact. The available sources identify the affected software/vers...

9.8CVSS6.2AI score0.00631EPSS
Exploits1References2Affected Software2
CVE
CVE
added 2026/03/26 12:0 a.m.11 views

CVE-2026-30463

CVE-2026-30463 affects Daylight Studio FuelCMS v1.5.2. The vulnerability is a SQL injection in the /controllers/Login.php component. Root cause is an injectable parameter handling in that login controller. Remediation per PT-Security PT-2026-28400 is to update FuelCMS to a newer version; as a tem...

7.7CVSS5.9AI score0.00309EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/26 12:0 a.m.10 views

CVE-2026-30458

CVE-2026-30458 affects Daylight Studio FuelCMS v1.5.2. The issue allows exfiltration of password reset tokens through a mail-splitting attack, with CVSS v3.1 base score 9.1 (CRITICAL) and high impact to confidentiality/integrity; exploitation details are not provided in the documents. Remediation...

9.1CVSS5.8AI score0.00357EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/26 12:0 a.m.23 views

CVE-2026-30463

Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component...

0.00309EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/26 12:0 a.m.24 views

CVE-2026-30458

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack...

0.00357EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/26 12:0 a.m.25 views

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

0.00631EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2022/05/31 3:31 p.m.58 views

Exploit for Injection in Thedaylightstudio Fuel_Cms

CVE-2018-16763 - FuelCMS Exploit to trigger RCE for CVE-2...

9.8CVSS8.3AI score0.82937EPSS
Exploits17
GithubExploit
GithubExploit
added 2020/10/10 8:23 p.m.53 views

Exploit for Injection in Thedaylightstudio Fuel_Cms

CVE-2018-16763 FuelCMS 1.4.1 Remote Code Execution Vulnera...

9.8CVSS8.1AI score0.82937EPSS
Exploits17
GithubExploit
GithubExploit
added 2020/10/10 8:23 p.m.53 views

Exploit for Injection in Thedaylightstudio Fuel_Cms

CVE-2018-16763 FuelCMS 1.4.1 Remote Code Execution Vulnera...

9.8CVSS8.1AI score0.82937EPSS
Exploits17
0day.today
0day.today
added 2019/07/20 12:0 a.m.385 views

fuelCMS 1.4.1 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start =...

7.5CVSS9.6AI score0.82937EPSS
Exploits17
exploitpack
exploitpack
added 2019/07/19 12:0 a.m.74 views

fuelCMS 1.4.1 - Remote Code Execution

fuelCMS 1.4.1 - Remote Code Execution Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start =...

7.5CVSS9.8AI score0.82937EPSS
Exploits17
Packet Storm
Packet Storm
added 2019/07/19 12:0 a.m.461 views

fuelCMS 1.4.1 Remote Code Execution

Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start = haystack.findneedle, start+1 n -= 1 return start...

7.5CVSS9.5AI score0.82937EPSS
Exploits17
Rows per page
Query Builder