2 matches found
CVE-2017-11631
dapur/app/appuser/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter...
CVE-2017-11631
CVE-2017-11631 affects Fiyo CMS 2.0.7: the file dapur/app/app_user/controller/status.php exposes an SQL injection vulnerability via the id parameter. The vulnerability arises from unsafely interpolating the id value into a SQL query, potentially allowing an attacker to perform arbitrary queries. ...