Fuel Cms Security Vulnerabilities and Issues — Fuel Cms CVE List

Lucene search

ThedaylightstudioFuel Cms

3 matches found

CVE•added 2018/09/09 9:29 p.m.•234 views

CVE-2018-16763

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

9.8CVSS9.4AI score0.93933EPSS

CVE•added 2018/09/09 9:29 p.m.•41 views

CVE-2018-16762

FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or search_term parameter to pages/items.

9.8CVSS9.8AI score0.00264EPSS

CVE•added 2018/09/03 7:29 p.m.•28 views

CVE-2018-16416

Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.

8.8CVSS8.7AI score0.00214EPSS