CVE-2021-38725

Same vendor

• CVE-2021-38727 — FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items (9.8 CRITICAL)
• CVE-2021-38723 — FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items (8.8 HIGH)
• CVE-2021-38721 — FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability (6.5 MEDIUM)
• CVE-2021-38290 — A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/lib... (8.1 HIGH)

Same CWE

• CVE-2026-6853 — Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd (9.8 CRITICAL)
• CVE-2026-3329 — A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository v...
• CVE-2026-43926 — FOSSBilling is a free, open-source billing and client management system
• CVE-2026-36612 — Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 1... (6.4 MEDIUM)
• CVE-2026-36607 — Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change e... (8.8 HIGH)