Vulnerabilities (CVE)


Filtered by vendor Fastadmin
Total 8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2021-43117 | 1 (Fastadmin) | 1 (Fastadmin) | 2021-12-17 | 10.0 HIGH | 9.8 CRITICAL | fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access. |
| CVE-2020-25967 | 2 (Fastadmin, Microsoft) | 2 (Fastadmin, Windows) | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. |
| CVE-2020-26609 | 1 (Fastadmin) | 1 (Fastadmin) | 2021-03-04 | 3.5 LOW | 5.4 MEDIUM | fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background. |
| CVE-2020-21665 | 1 (Fastadmin) | 1 (Fastadmin) | 2020-11-30 | 6.5 MEDIUM | 7.2 HIGH | In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. |
| CVE-2019-17432 | 1 (Fastadmin) | 1 (Fastadmin) | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM | An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name] parameter. |
| CVE-2019-11077 | 1 (Fastadmin) | 1 (Fastadmin) | 2019-10-15 | 6.8 MEDIUM | 8.8 HIGH | FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. |
| CVE-2019-17431 | 1 (Fastadmin) | 1 (Fastadmin) | 2019-10-11 | 6.8 MEDIUM | 8.8 HIGH | An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability. |
| CVE-2018-10268 | 1 (Fastadmin) | 1 (Fastadmin) | 2018-05-25 | 3.5 LOW | 5.4 MEDIUM | An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar parameter. |