CVE-2017-17102

Name of the Vulnerable Software and Affected Versions Fiyo CMS version 2.0.7

Description The issue concerns SQL injection. It can be exploited via the /system/site.php API endpoint, specifically through the link variable in the $ REQUEST array.

Recommendations For Fiyo CMS version 2.0.7, consider restricting access to the /system/site.php endpoint until a patch is available, and avoid using the link variable in this endpoint to minimize the risk of exploitation.