Two U.S. Men Charged in 2022 Hacking of DEA Portal

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency DEA online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised...

GHSA-PVP6-53R9-8VXH SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

Sql injection

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

GHSA-QHQ8-2F3M-GXVP SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...

CVE-2023-24782

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...

CVE-2023-24782

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...

Sql injection

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...

GHSA-M8WF-WMWH-JW2M SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...

CVE-2023-24773

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...

CVE-2023-24773

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...

Sql injection

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...

GHSA-7PMH-8QJJ-4Q36 SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

SQL Injection in Funadmin

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

CVE-2023-24780

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

CVE-2023-24780

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

Sql injection

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

PT-2023-19772 · Funadmin · Funadmin

Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/databases/database/list" API endpoint. Recommendations: For Funadmin version 3.2.0,...