Headline
GHSA-7rvp-xqj7-rxf2: Daylight Studio FUEL-CMS SQLi Vulnerability
SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.
Daylight Studio FUEL-CMS SQLi Vulnerability
Moderate severity GitHub Reviewed Published Aug 11, 2023 to the GitHub Advisory Database • Updated Aug 11, 2023
Related news
CVE-2020-24950: Vulnerability - SQL Injection · Issue #562 · daylightstudio/FUEL-CMS
SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.