19 matches found
CVE-2021-47980 Fuel CMS 1.4.13 Blind SQL Injection via col Parameter
Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log interface. Attackers can send requests to the logs endpoint with malicious SQL payloads in the 'col...
CVE-2021-47980 Fuel CMS 1.4.13 Blind SQL Injection via col Parameter
Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log interface. Attackers can send requests to the logs endpoint with malicious SQL payloads in the 'col...
CVE-2021-47980
Fuel CMS 1.4.13 is affected by a blind SQL injection via the col parameter in the Activity Log interface. Authenticated attackers can craft requests to the logs endpoint with malicious SQL payloads in col to influence database queries and infer data based on response-time delays. The provided doc...
PT-2026-41466
Name of the Vulnerable Software and Affected Versions Fuel CMS version 1.4.13 Description Authenticated attackers can manipulate database queries by injecting SQL code through the col parameter in the Activity Log interface. By sending requests to the 'logs' endpoint with malicious SQL payloads i...
CVE-2021-28925
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
CVE-2021-45786
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges...
Maccms 授权问题漏洞
Maccms program is a complete and powerful fast website building system running in PHP MYSQL environment. Maccms has an elevation of privilege vulnerability, which can be exploited by attackers to gain privileges through the "col" and "openid" parameters in /index.php/user/login to obtain privileg...
PT-2021-22582 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: Multiple Cross Site Scripting XSS vulnerabilities exist in SEO Panel via several parameters in various PHP files. The affected parameters include to time in files such as backlinks.php, analytics.php, and...
FUEL CMS SQL Injection Vulnerability (CNVD-2021-93894)
FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in Fuel CMS version 1.5.0. The vulnerability can be exploited to conduct SQL injection attacks via the col parameter in /fuel/index.php/fuel/pages/items...
CVE-2021-38727
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items...
FUEL CMS SQL注入漏洞
FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in Fuel CMS version 1.5.0. The vulnerability can be exploited to conduct SQL injection attacks via the col parameter in /fuel/index.php/fuel/pages/items...
Sql injection
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
VulnCheck KEV: CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...
CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...
CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...
Sql injection
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...
CVE-2020-17463
Summary: CVE-2020-17463 affects Fuel CMS 1.4.7 and enables SQL Injection via the col parameter in /pages/items, /permissions/items, or /navigation/items. The underlying issue is a CWE-89-style vulnerable input handling that allows untrusted input to affect SQL queries. Impact in sources: high, in...
CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...
CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...