CVE-2020-17463 - Fuel CMS SQL Injection Vulnerability
Project:Fuel CMS
Product:Fuel CMS
Date Added:2021-12-10Due Date:2022-06-10
Vulnerability Name
Fuel CMS SQL Injection Vulnerability
Description
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-17463