4 matches found
CVE-2023-24774
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \controller\auth\Auth.php...
CVE-2023-24774
creationtimestamp| type| source ---|---|--- 2023-03-10 16:20:56+00:00| seen| https://t.me/cibsecurity/59785 2023-04-03 09:18:27+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4096 2023-04-03 09:24:42+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4097 2025-03-02...
CVE-2023-24774
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \controller\auth\Auth.php...
CVE-2023-24774
Funadmin 3.2.0 is affected by an SQL injection via the selectFields parameter in controller/auth/Auth.php. The vulnerability enables unauthenticated network-exposed exploitation with high impact on confidentiality, integrity and availability (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base 9...