CVE-2017-11412

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET[‘id’].

Date published : 2017-07-18

https://github.com/FiyoCMS/FiyoCMS/issues/5