CVE-2017-17103

Published: 2017-12-04T08:29Z

Last Modified: 2024-11-21T03:17Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt