Funadmin Security Vulnerabilities and Issues — Funadmin CVE List

Lucene search

FunadminFunadmin

3 matches found

CVE-2024-48231

Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php.

CVE-2024-48227

Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).

CVE-2024-48224

Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.