115 matches found
CVE-2024-7928
FastAdmin CVE-2024-7928 affects the application up to version 1.3.3.20220121, where the /index/ajax/lang parameter is vulnerable to path traversal due to improper filtering. The issue can be triggered remotely and has publicly disclosed exploits/POCs. Upgrading to version 1.3.4.20220530 (or later...
CVE-2024-7928 FastAdmin lang path traversal
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...
CVE-2024-7928 FastAdmin lang path traversal
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...
FastAdmin path traversal vulnerability
FastAdmin is a web backend development framework based on ThinkPHP and Bootstrap. FastAdmin suffers from a path traversal vulnerability, which stems from the program failing to properly filter special elements in the path of a resource or file. An attacker can exploit this vulnerability to...
PT-2024-5821
Name of the Vulnerable Software and Affected Versions: FastAdmin versions prior to 1.3.4.20220530. Description: A problematic issue exists in FastAdmin related to improper path restriction within the /index/ajax/lang component. This allows for path traversal, potentially enabling remote attackers to...
CVE-2024-7453
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /adminsurl.php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument...
CVE-2024-7453
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /adminsurl.php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument...
CVE-2024-7453 FastAdmin Attachment Management Section 4 cross site scripting
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /adminsurl.php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument...
CVE-2024-7453
CVE-2024-7453 affects FastAdmin 1.5.0.20240328, specifically the Attachment Management Section. The vulnerability arises from manipulation of the arguments row[url], row[imagewidth], and row[imageheight] in the file /[admins url].php/general/attachment/edit/ids/4?dialog=1, leading to cross-site s...
CVE-2024-7453 FastAdmin Attachment Management Section 4 cross site scripting
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /adminsurl.php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument...
PT-2024-38363 · Fastadmin · Fastadmin
Name of the Vulnerable Software and Affected Versions: FastAdmin version 1.5.0.20240328. Description: A vulnerability was found in the Attachment Management Section of the software, affecting the file /admins url.php/general/attachment/edit/ids/4?dialog=1. The issue arises from the manipulation of...
fastadmin cross-site scripting vulnerability
fastadmin is a web backend development framework based on ThinkPHP and Bootstrap, developed by Karson, an individual developer. A cross-site scripting vulnerability exists in fastadmin 1.5.0.20240328, which stems from manipulation of parameters that can lead to cross-site scripting attacks...
fastadmin code problem vulnerability
fastadmin is a web backend development framework based on ThinkPHP and Bootstrap. Fastadmin v1.2.1 is affected by a file upload vulnerability that allows execution of arbitrary code via shell access. No details of the...
CVE-2021-43117
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...
CVE-2021-43117
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...
Design/Logic Flaw
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...
CVE-2021-43117
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...
CVE-2021-43117
The CVE-2021-43117 entry concerns fastadmin v1.2.1 and is linked to a file upload vulnerability that allows arbitrary code execution via shell access. The available connected sources corroborate the vulnerability in this specific version and describe the impact as remote arbitrary code execution....
fastadmin code problem vulnerability
fastadmin is a web backend development framework based on ThinkPHP and Bootstrap. Fastadmin v1.2.1 is affected by a file upload vulnerability that allows execution of arbitrary code via shell access. No details of the...
FastAdmin has a file upload vulnerability
FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap. FastAdmin has a file upload vulnerability. An attacker can use this vulnerability to gain server privileges...