Funadmin Security Vulnerabilities

CVE-2023-36097

funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins...

CVE-2023-2477

A vulnerability was found in Funadmin up to 3.2.3. It has been declared as problematic. Affected by this vulnerability is the function tagLoad of the file Cx.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched remotely. The exploit has been...

CVE-2023-24774

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at...

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

CVE-2023-24782

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

CVE-2023-24773

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

CVE-2023-24780

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

CVE-2023-24775

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at...

CVE-2023-24781

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at...

CVE-2023-24776

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component...