2 matches found
CVE-2017-11414
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/appcomment/syscomment.php via $POST'comment', $POST'name', $POST'web', $POST'email', $POST'status', $POST'id', and $REQUEST'id'...
CVE-2017-11414
Fiyo CMS 2.0.7 is affected by a SQL injection in dapur/apps/app_comment/sys_comment.php, exploitable via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id']. The CVE entry is corroborated across multiple sources (NVD/CVE records, ...