An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS12NDN2LXB2OTUtamM1Nc4AAx-F

Critical EPSS: 0.58311% (0.98021 Percentile) EPSS:

SQL Injection in Funadmin

Affected Packages Affected Versions Fixed Versions
packagist:funadmin/funadmin <= 3.2.0 No known fixed version
0 Dependent packages
0 Dependent repositories
853 Downloads total

Affected Version Ranges

All affected versions

1.5.0, 2.1.0, 2.2.6, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.3.1, 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 3.0.1, 3.1.0, 3.1.1, 3.2.0

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.

References: