Vulnerabilities > Fastadmin > Fastadmin > 1.0.0.20191212

DATE CVE VULNERABILITY TITLE RISK
2020-11-17 CVE-2020-21665 SQL Injection vulnerability in Fastadmin 1.0.0.20191212
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
network
low complexity
fastadmin CWE-89
6.5
6.5