Lucene search
K

6 matches found

Snyk
Snyk
added 2026/02/22 12:31 a.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the getMember function. An attacker can obtain sensitive information by sending crafted requests to the affected endpoint. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue -...

9.1CVSS5.9AI score0.004EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/25 9:31 p.m.3 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the parentField parameter in the index method of backend/controller/auth/Auth.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for...

9.8CVSS8AI score0.00472EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/25 9:31 p.m.2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the edit method in controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue...

9.8CVSS7.9AI score0.00561EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/25 9:31 p.m.2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection through the app\curd\controller\Table.php file. An attacker can manipulate SQL queries and access or alter database information without proper authorization. Remediation There is no fixed version for funadmin/funadmin...

9.8CVSS7.7AI score0.00542EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/25 9:31 p.m.3 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection due to improper authorization through the fieldlist method in controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database without. Remediation There is no fixed version for...

9.8CVSS7.9AI score0.00542EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/21 12:41 p.m.3 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the selectFields parameter in the index function in Auth.php. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue - Vulnerable Code...

9.8CVSS8AI score0.00486EPSS
Exploits1References2
Rows per page
Query Builder