fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell...
9.8CVSS
9.8AI Score
0.003EPSS
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the...
5.4CVSS
6AI Score
0.001EPSS
The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI)...
8.8CVSS
7.7AI Score
0.001EPSS
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL...
7.2CVSS
8.5AI Score
0.001EPSS
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL...
7.2CVSS
7.4AI Score
0.001EPSS
An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name]...
6.5CVSS
6.2AI Score
0.001EPSS
An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF...
8.8CVSS
7.4AI Score
0.001EPSS
FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1...
8.8CVSS
7.3AI Score
0.001EPSS
An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar...
5.4CVSS
6.2AI Score
0.001EPSS