Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thedaylightstudio vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-17463
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
Thedaylightstudio Fuel Cms 1.4.7
8.8
CVSSv3
CVE-2021-36570
Cross Site Request Forgery vulnerability in FUEL-CMS 1.4.13 allows remote malicious users to run arbitrary code via post ID to /permissions/delete/2---.
Thedaylightstudio Fuel Cms 1.4.13
5.4
CVSSv3
CVE-2021-44607
A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file.
Thedaylightstudio Fuel Cms 1.5.1
5.4
CVSSv3
CVE-2022-28599
A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger a XSS attack.
Thedaylightstudio Fuel Cms 1.5.1
8.8
CVSSv3
CVE-2018-16416
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote malicious users to change the administrator's password.
Thedaylightstudio Fuel Cms 1.4
8.8
CVSSv3
CVE-2020-23722
An issue exists in FUEL CMS 1.4.7. There is a escalation of privilege vulnerability to obtain super admin privilege via the "id" and "fuel_id" parameters.
Thedaylightstudio Fuel Cms 1.4.7
5.4
CVSSv3
CVE-2020-23721
An issue exists in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter via /fuelCM/fuel/pages/edit/1?lang=english.
Thedaylightstudio Fuel Cms 1.4.7
5.4
CVSSv3
CVE-2022-27156
Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection.
Thedaylightstudio Fuel Cms 1.5.1
6.5
CVSSv3
CVE-2021-38721
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
Thedaylightstudio Fuel Cms 1.5.0
5.3
CVSSv3
CVE-2021-38725
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Thedaylightstudio Fuel Cms 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »