303 matches found
Sql injection
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...
GHSA-QHQ8-2F3M-GXVP SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
CVE-2023-24782
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
CVE-2023-24782
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
Sql injection
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
GHSA-M8WF-WMWH-JW2M SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
CVE-2023-24773
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
CVE-2023-24773
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
Sql injection
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
GHSA-7PMH-8QJJ-4Q36 SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...
CVE-2023-24780
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...
CVE-2023-24780
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...
Sql injection
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...
CVE-2023-24777
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...
CVE-2023-24777
CVE-2023-24777 is a SQL injection vulnerability affecting Funadmin v3.2.0 exposed via the id parameter in the /databases/table/list endpoint. The root cause is unsafely handling the id input, enabling attack execution likely over network with no user interaction, and resulting in high confidentia...
CVE-2023-24782
CVE-2023-24782 corresponds to a SQL injection vulnerability in Funadmin v3.2.0. The flaw is exploitable via the id parameter on the /databases/database/edit endpoint, allowing unauthorized access/manipulation of database content. The CVSS v3.1 metrics show a CRITICAL base score of 9.8 (Network ac...
CVE-2023-24773
CVE-2023-24773 affects Funadmin v3.2.0. The vulnerability is a SQL injection in the id parameter of the /databases/database/list endpoint. Public summaries consistently describe it as a high-severity issue (CVSS v3.1: 9.8, CRITICAL) with network attack vector, no authentication, and impact to con...