Vulnerabilities > Funadmin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-02 | CVE-2023-2477 | Cross-site Scripting vulnerability in Funadmin A vulnerability was found in Funadmin up to 3.2.3. | 6.1 |
| 2023-03-10 | CVE-2023-24774 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \controller\auth\Auth.php. | 9.8 |
| 2023-03-08 | CVE-2023-24777 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list. | 9.8 |
| 2023-03-08 | CVE-2023-24782 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/edit. | 9.8 |
| 2023-03-08 | CVE-2023-24773 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list. | 9.8 |
| 2023-03-08 | CVE-2023-24780 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns. | 9.8 |
| 2023-03-07 | CVE-2023-24775 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php. | 9.8 |
| 2023-03-07 | CVE-2023-24781 | SQL Injection vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php. | 9.8 |
| 2023-03-06 | CVE-2023-24776 | Unspecified vulnerability in Funadmin 3.2.0 Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php. | 9.8 |