← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-17463 — Actively Exploited: Fuel CMS (Fuel CMS)

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.

CVE IDCVE-2020-17463
VendorFuel CMS
ProductFuel CMS
Vulnerability nameFuel CMS SQL Injection Vulnerability
Date added2021-12-10
Remediation due2022-06-10
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionFUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →