3 matches found
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48231
CVE-2024-48231 affects Funadmin 5.0.2. The vulnerability is an SQL Injection in the backend/auth/Auth.php: the index() method mishandles the selectFields parameter, enabling manipulation of database queries. This is confirmed across multiple sources (Veracode, Snyk, GHSA, OSV, NVD) describing a S...