Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name.
References
Link | Resource |
---|---|
https://github.com/FiyoCMS/FiyoCMS/issues/4 | Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2017-07-17 06:18
Updated : 2017-07-20 13:02
NVD link : CVE-2017-11354
Mitre link : CVE-2017-11354
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
fiyo
- fiyo_cms