CVE-2017-17103

Fiyo CMS 2.0.7 has SQL injection in /apps/appuser/sysuser.php via $POSTname or $POSTemail. This vulnerability can lead to escalation from normal user privileges to administrator privileges...