Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thedaylightstudio vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-38721
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
Thedaylightstudio Fuel Cms 1.5.0
578
VMScore
CVE-2021-38723
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items
Thedaylightstudio Fuel Cms 1.5.0
670
VMScore
CVE-2021-38727
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items
Thedaylightstudio Fuel Cms 1.5.0
383
VMScore
CVE-2020-26046
FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account and also impact other visitors.
Thedaylightstudio Fuel Cms 1.4.11
NA
CVE-2020-22151
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote malicious user to execute arbitrary code via a crafted zip file to the assests parameter of the upload function.
Thedaylightstudio Fuel Cms 1.4.6
NA
CVE-2020-22152
Cross Site Scripting vulnerability in daylight studio FUEL- CMS v.1.4.6 allows a remote malicious user to execute arbitrary code via the page title, meta description and meta keywords of the pages function.
Thedaylightstudio Fuel Cms 1.4.6
NA
CVE-2020-22153
File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote malicious user to execute arbitrary code via a crafted .php file to the upload parameter in the navigation function.
Thedaylightstudio Fuel Cms 1.4.6
445
VMScore
CVE-2021-38725
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Thedaylightstudio Fuel Cms 1.5.0
312
VMScore
CVE-2022-27156
Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection.
Thedaylightstudio Fuel Cms 1.5.1
605
VMScore
CVE-2018-16416
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote malicious users to change the administrator's password.
Thedaylightstudio Fuel Cms 1.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »