Funadmin Security Vulnerabilities and Issues — Funadmin CVE List

A vulnerability was found in Funadmin up to 3.2.3. It has been declared as problematic. Affected by this vulnerability is the function tagLoad of the file Cx.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed...

6.1CVSS4.8AI score0.00064EPSS

CVE•added 2023/03/07 6:15 p.m.•48 views

CVE-2023-24775

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.

9.8CVSS9.8AI score0.58311EPSS

CVE•added 2023/03/06 8:15 p.m.•45 views

CVE-2023-24776

Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php.

9.8CVSS9.8AI score0.01361EPSS

CVE•added 2023/03/08 4:15 p.m.•44 views

CVE-2023-24773

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list.

9.8CVSS9.8AI score0.00091EPSS

CVE•added 2023/03/08 10:15 p.m.•42 views

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list.

9.8CVSS9.8AI score0.00065EPSS

CVE•added 2023/03/08 12:15 a.m.•41 views

CVE-2023-24780

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns.

9.8CVSS9.8AI score0.00248EPSS

CVE•added 2023/03/07 3:15 p.m.•38 views

CVE-2023-24781

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php.

9.8CVSS9.8AI score0.00071EPSS