14 matches found
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection due to improper authorization through the fieldlist method in controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database without. Remediation There is no fixed version for...
GHSA-X2FR-VJ74-5H35 SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
PT-2024-33033 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: Funadmin version 5.0.2 Description: The issue is a SQL injection vulnerability located in the /curd/table/fieldlist API endpoint. This allows for potential exploitation by injecting malicious SQL code. No information is provided about the...
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
FunAdmin 安全漏洞
FunAdmin is FunAdmin open source a lightweight and high-color backend development system based on ThinkPHP6+Layui development. A security vulnerability exists in FunAdmin version 5.0.2, which originates from an SQL injection vulnerability in /curd/table/fieldlist...
CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist...
CVE-2024-48223
Funadmin v5.0.2 is affected by a SQL injection in the /curd/table/fieldlist API endpoint. The root cause is improper handling/validation of input in that endpoint, enabling attacker-controlled SQL commands. Documented impact scope includes potential data disclosure/modification with high severity...
Memory corruption
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or...
Design/Logic Flaw
The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that...
CVE-2010-1881
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or...