funadmin

Top products

The 15 most recently published vulnerabilities affecting funadmin.

• CVE-2026-2898funadmin Backend Endpoint AuthCloudService.php getMember deserialization5.5Feb 22, 2026
• CVE-2026-2897funadmin Backend index.html cross site scripting2.4Feb 22, 2026
• CVE-2026-2896funadmin Configuration Ajax.php setConfig improper authorization7.3Feb 21, 2026
• CVE-2026-2895funadmin Member.php repass password recovery3.7Feb 21, 2026
• CVE-2026-2894funadmin forget.html getMember information disclosure5.3Feb 21, 2026
• CVE-2024-48230funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.7.2Oct 25, 2024
• CVE-2024-48229funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.7.2Oct 25, 2024
• CVE-2024-48228An issue was found in funadmin 5.0.2. The selectfiles method in \backend\controller\sys\Attachh.php directly stores the passed parameters and values into the param parameter without filtering, resu...6.1Oct 25, 2024
• CVE-2024-48227Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).4.9Oct 25, 2024
• CVE-2024-48226Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.7.2Oct 25, 2024
• CVE-2024-48225Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile.6.5Oct 25, 2024
• CVE-2024-48224Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.4.9Oct 25, 2024
• CVE-2024-48223Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.7.2Oct 25, 2024
• CVE-2024-48222Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.7.2Oct 25, 2024
• CVE-2024-48218Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.7.2Oct 25, 2024