302 matches found
CVE-2023-24773
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...
CVE-2023-24777
CVE-2023-24777 is a SQL injection vulnerability affecting Funadmin v3.2.0 exposed via the id parameter in the /databases/table/list endpoint. The root cause is unsafely handling the id input, enabling attack execution likely over network with no user interaction, and resulting in high confidentia...
CVE-2023-24782
CVE-2023-24782 corresponds to a SQL injection vulnerability in Funadmin v3.2.0. The flaw is exploitable via the id parameter on the /databases/database/edit endpoint, allowing unauthorized access/manipulation of database content. The CVSS v3.1 metrics show a CRITICAL base score of 9.8 (Network ac...
PT-2023-19772 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/databases/database/list" API endpoint. Recommendations: For Funadmin version 3.2.0,...
CVE-2023-24782
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
PT-2023-19779 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0 Description: The issue is a SQL injection vulnerability that can be exploited via the id parameter at the "/databases/database/edit" API endpoint. This allows for potential unauthorized access and manipulation of databa...
FunAdmin SQL注入漏洞
FunAdmin is FunAdmin open source development based on ThinkPHP6+Layui a lightweight high-profile back-end development system . FunAdmin version 3.2.0 there is a security vulnerability , the vulnerability stems from the /databases/database/list through the id parameter found to contain SQL injecti...
FunAdmin SQL注入漏洞
FunAdmin is FunAdmin open source based on ThinkPHP6+Layui development of a lightweight high-profile back-end development system . FunAdmin v3.2.0 version of the existence of security vulnerabilities , the vulnerability stems from the existence of SQL injection via the /databases/table/list id...
CVE-2023-24782
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit...
PT-2023-19776 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the id parameter at the "/databases/table/list" API endpoint. Recommendations: For Funadmin version 3.2.0, consider restricting...
FunAdmin SQL注入漏洞
FunAdmin is FunAdmin open source based on ThinkPHP6+Layui development of a lightweight high-profile back-end development system . FunAdmin v3.2.0 version there is a security vulnerability , the vulnerability stems from the existence of SQL injection via the /databases/database/edit id parameter...
GHSA-V43V-PV95-JC55 SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
CVE-2023-24775
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
CVE-2023-24775
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
Sql injection
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php...
GHSA-VHRV-9F9G-RFRX SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php...
CVE-2023-24781
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php...
CVE-2023-24781
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php...