Fuel.CMS.Col.SQL.Injection
Description
This indicates an attack attempt to exploit an SQL Injection Vulnerability in Fuel CMS.
The vulnerability is due to insufficient validation of the vulnerable parameter values. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the vulnerable endpoint. Successful exploitation could result in arbitrary SQL command execution against the target server's database.
Affected Products
Fuel CMS 1.4.7
Impact
System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application.
Recommended Actions
Upgrade to the latest version available from the vendor.
https://www.getfuelcms.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |