A SQL injection vulnerability was discovered in Daylight Studio FuelCMS v1.5.2. The vulnerability exists in the /controllers/Login.php component. This vulnerability has a high CVSS score of 7.7, indicating a high severity level. The CVE record was published on 2026-03-26T19:17:00.183Z and last modified on 2026-07-05T17:17:29.580Z. The NVD entry is currently Modified. Users of FuelCMS v1.5.2 should be awar [truncated]
CVE-2026-30457 is a critical vulnerability in Daylight Studio FuelCMS v1.5.2. The issue lies in the /parser/dwoo component, allowing attackers to execute arbitrary code via crafted PHP code. The vulnerability has a CVSS score of 9.8 and is considered CRITICAL. This vulnerability can lead to full control of the affected system if exploited. Users of Daylight Studio FuelCMS v1.5.2 should prioritize patching [truncated]