📦 Fiyo Cms
by Fiyo
🔍 What is Fiyo Cms?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2015-3934 is a critical SQL injection vulnerability in Fiyo CMS that allows remote attackers to execute arbitrary SQL commands through the id parameter in rating.php or the user parameter in login...
CVE-2014-9148 is an access control bypass vulnerability in Fiyo CMS that allows remote attackers to execute super administrator functions without authentication. Attackers can directly access the 'Ins...
CVE-2017-11631 is a critical SQL injection vulnerability in Fiyo CMS that allows attackers to execute arbitrary SQL commands via the 'id' parameter in the status.php controller. This affects all users...
CVE-2017-11412 is a critical SQL injection vulnerability in Fiyo CMS 2.0.7 that allows attackers to execute arbitrary SQL commands through the comment_status.php component. This affects all websites r...
CVE-2017-11414 is a critical SQL injection vulnerability in Fiyo CMS 2.0.7 that allows attackers to execute arbitrary SQL commands through multiple user input fields. This affects all installations of...
CVE-2017-11416 is a critical SQL injection vulnerability in Fiyo CMS 2.0.7 that allows attackers to execute arbitrary SQL commands through the name parameter in the comment insertion functionality. Th...
CVE-2017-11418 is a critical SQL injection vulnerability in Fiyo CMS that allows attackers to execute arbitrary SQL commands through multiple GET parameters. This affects all users running Fiyo CMS 2....
CVE-2017-11354 is a critical SQL injection vulnerability in Fiyo CMS v2.0.7 that allows attackers to execute arbitrary SQL commands through the name parameter when editing or adding tag names. This af...
This vulnerability allows unauthenticated attackers to upload malicious PHP files (webshells) to Fiyo CMS servers and execute arbitrary code. It affects all Fiyo CMS 2.x installations up to version 2....
CVE-2017-17103 is a SQL injection vulnerability in Fiyo CMS 2.0.7 that allows attackers to manipulate database queries through user input fields. This enables privilege escalation from normal user to ...