115 matches found
EUVD-2018-2342
Malware in sbrugna...
EUVD-2024-48375
Malicious code in bioql PyPI...
CVE-2024-7453
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /adminsurl.php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument...
CVE-2024-7928
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...
CVE-2020-21665
In fastadmin V1.0.0.20191212beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh...
CVE-2020-25967
The member center function in fastadmin V1.0.0.20200506beta is vulnerable to a Server-Side Template Injection SSTI vulnerability...
CVE-2020-21667
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection...
CVE-2020-26609
fastadmin V1.0.0.20200506beta contains a cross-site scripting XSS vulnerability which may allow an attacker to obtain administrator credentials to log in to the background...
CVE-2019-17432
An issue was discovered in fastadmin 1.0.0.20190705beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the rowname parameter...
CVE-2019-17431
An issue was discovered in fastadmin 1.0.0.20190705beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability...
The vulnerability of the /index/ajax/lang component of the FastAdmin remote administration utility, which allows a hacker to expose protected information.
The vulnerability of the /index/ajax/lang component of the FastAdmin remote administration utility is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
VulnCheck KEV: CVE-2024-7928
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The...
Exploit for Path Traversal in Fastadmin
CVE-2024-7928: FastAdmin Installation bash g...
TpMeCMS Cross-Site Scripting Vulnerability
TpMeCMS is a CMS developed on the FastAdmin framework. TpMeCMS version 1.3.3.2 suffers from a cross-site scripting vulnerability, which originates from the lack of effective filtering and escaping of user-supplied data in the parameter Site Name/Beian/Contact address/copyright/technical support i...
FastAdmin Path Traversal Vulnerability
FastAdmin is a set of web backend development framework based on ThinkPHP and Bootstrap. FastAdmin suffers from a path traversal vulnerability, which stems from the program failing to properly filter special elements in the path of a resource or file. An attacker can exploit this vulnerability to...
Exploit for Path Traversal in Fastadmin
CVE-2024-7928 POC for CVE-2024-7928. Will attempt to retrieve...
Exploit for Path Traversal in Fastadmin
CVE-2024-7928 POC for CVE-2024-7928. Will attempt to retrieve...
Exploit for Path Traversal in Fastadmin
CVE-2024-7928 POC for CVE-2024-7928. Will attempt to retrieve...
CVE-2024-7928
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...
CVE-2024-7928
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...