CVE-2020-24950: Withdrawn Advisory: Daylight Studio FUEL-CMS SQLi Vulnerability
(updated )
Withdrawn Advisory
This advisory has been withdrawn because this vulnerability does not affect a package in a supported ecosystem. This link has been maintained to preserve external references.
Original Description
SQL Injection vulnerability in file Base_module_model.php
in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col
parameter to function list_items
.
References
Code Behaviors & Features
Detect and mitigate CVE-2020-24950 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →