Security Researchers Roel Van Beurden from exploitdb sites, has found Fuel CMS part of vulnerability.
Fuel CMS is a php script then allows you to manage contact, accunts users passwords, phone numbers etc for your clients.
Fuel CMS is solution for every company then are using data.
But researchers Roel, has found Fuel CMS as part of vulnerability with SQL Injection Method authenticated.
” Fuel CMS 1.4.7 allows SQL Injection via parameter ‘col’ in pages/items, permissions/items, navigation/items and logs/items
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.”, says the researchers.
The Vendor has patched the SQLi vulnerability in version 1.4.8, if you are using this CMS do upgrade urgently!