Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Funadmin Subscribe
Filtered by product Funadmin
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24774 1 Funadmin 1 Funadmin 2023-03-15 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \controller\auth\Auth.php.
CVE-2023-24781 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php.
CVE-2023-24780 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns.
CVE-2023-24775 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.
CVE-2023-24777 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list.
CVE-2023-24782 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit.
CVE-2023-24773 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list.
CVE-2023-24776 1 Funadmin 1 Funadmin 2023-03-14 N/A 9.8 CRITICAL
Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php.