Vulnerabilities > Thedaylightstudio
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-09 | CVE-2018-16762 | SQL Injection vulnerability in Thedaylightstudio Fuel CMS FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or search_term parameter to pages/items. | 9.8 |
2018-09-03 | CVE-2018-16416 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4 Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password. | 8.8 |