3 matches found
Exploit for SQL Injection in Funadmin
CVE-2023-24775-and-CVE-2023-24780 my python poc 2023-24780 and...
CVE-2023-24775
CVE-2023-24775 affects Funadmin v3.2.0. The issue is a SQL injection in the selectFields parameter of the file path \member\Member.php, enabling attacker-controlled SQL fragments. Public references (Red Hat, GHSA, OSV, NVD) reiterate the same vector and impact (high confidentiality, integrity, av...
CVE-2023-24775
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...