20 matches found
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2025-25789
FoxCMS v1.2.5 was discovered to contain a remote code execution RCE vulnerability via the index method at \controller\Sitemap.php...
CVE-2025-25789
FoxCMS v1.2.5 was discovered to contain a remote code execution RCE vulnerability via the index method at \controller\Sitemap.php...
CVE-2025-25789
FoxCMS v1.2.5 was discovered to contain a remote code execution RCE vulnerability via the index method at \controller\Sitemap.php...
CVE-2025-25789
FoxCMS v1.2.5 was discovered to contain a remote code execution RCE vulnerability via the index method at \controller\Sitemap.php...
CVE-2025-25789
CVE-2025-25789 affects FoxCMS v1.2.5 and is described as a remote code execution (RCE) via the index() method in Sitemap.php. The vulnerability is detailed as a high-severity issue (CVSS v3.1: 9.8, CRITICAL) with NETWORK attack vector, LOW attack complexity, no privileges required, no user intera...
GHSA-2MV8-JJM5-F3HR SQL injection in funadmin
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php...
FunAdmin 安全漏洞
FunAdmin is FunAdmin open source development based on ThinkPHP6 + Layui development of a lightweight high-color backend development system. A security vulnerability exists in FunAdmin version 5.0.2, which originates from an SQL injection vulnerability in the parentField parameter of the index...
CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php...
PT-2024-33041 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: funadmin version 5.0.2 Description: The issue is related to SQL Injection via the parentField parameter in the index method of backendcontrollerauthAuth.php. There is no information provided about the estimated number of potentially affected...
GHSA-7PP4-388X-2XQJ SQL injection in funadmin
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \app\backend\controller\auth\Auth.php...
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
FunAdmin SQL注入漏洞
FunAdmin is FunAdmin open source a lightweight and high-color backend development system based on ThinkPHP6+Layui development. A security vulnerability exists in FunAdmin version 5.0.2, which stems from a SQL injection vulnerability in the selectFields parameter of the index method of...
CVE-2024-48231
Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php...
CVE-2024-48231
CVE-2024-48231 affects Funadmin 5.0.2. The vulnerability is an SQL Injection in the backend/auth/Auth.php: the index() method mishandles the selectFields parameter, enabling manipulation of database queries. This is confirmed across multiple sources (Veracode, Snyk, GHSA, OSV, NVD) describing a S...
EasySNS Minimalist Community getusertopic method and index method have SQL injection vulnerability
EasySNS Minimalist Community Group Edition is a new database architecture and program structure to form an interactive community with a group as the basic unit. EasySNS Minimalist Community getusertopic method and index method has a SQL injection vulnerability, the vulnerability is due to the...
SQL Injection Vulnerability in Hanchao B2B2C Multi-User Mall System
Hanchao B2B2C multi-user mall system is a PHP multi-user mall website system source code developed in PHP + MySQL. Hanchao B2B2C Multi-User Mall System v2.1.3 SQL injection vulnerability exists in the address and index methods, due to the system fails to filter user-supplied parameters. An attack...