CVE-2021-38727

CVE-2021-38727

EPSS 1.6%

FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/daylightstudio/FUEL-CMS/issues/582 https://streamable.com/lxw3ln https://www.nu11secur1ty.com/2021/10/cve-2021-38727.html