302 matches found
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection due to improper input sanitization via the editfile method in the \controller\Index.php file. An attacker can execute arbitrary SQL commands by injecting malicious SQL code into the input parameters. Remediation There is no...
GHSA-VW6X-C5RG-JMJP SQL injection in funadmin
Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the edit method in the controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue...
GHSA-6J8F-88MH-R9VQ SQL injection in funadmin
Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile...
GHSA-5G66-93QV-565J SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit...
GHSA-H4PX-9VMP-P7PV SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
GHSA-R9V5-Q97M-RJ5G Logic flaw in Funadmin
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DoS)...
GHSA-X2FR-VJ74-5H35 SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
SQL injection in funadmin
Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection due to improper authorization through the fieldlist method in the controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database without. Remediation There is no fixed version for...
GHSA-9GW3-QR2F-3VG5 SQL injection in funadmin
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield...
SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
SQL injection in funadmin
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield...
CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48227
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DoS)...
CVE-2024-48229
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin...
CVE-2024-48224
Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile...
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...