CVE-2020-24950

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.

daylightstudio/FUEL-CMS
daylightstudio/FUEL-CMS
A CodeIgniter Content Management System
GitHubGitHub
1.02K