CVE-2020-24950: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
(updated )
SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.
References
Detect and mitigate CVE-2020-24950 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →