3 matches found
PT-2025-6754 · Daylight Studio · Fuel Cms
Name of the Vulnerable Software and Affected Versions: Daylight Studio Fuel CMS version 1.5.2 Description: The issue allows an attacker to escalate privileges through the "fuel/blocks/" and "fuel/pages/" components. This is a Cross Site Scripting issue that can be exploited to gain elevated acces...
CVE-2021-38723
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items...
CVE-2021-38723
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items...