An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS12aHJ2LTlmOWctcmZyeM4AAx99

Critical EPSS: 0.00071% (0.22456 Percentile) EPSS:

SQL Injection in Funadmin

Affected Packages Affected Versions Fixed Versions
packagist:funadmin/funadmin <= 3.2.0 No known fixed version
0 Dependent packages
0 Dependent repositories
853 Downloads total

Affected Version Ranges

All affected versions

1.5.0, 2.1.0, 2.2.6, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.3.1, 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 3.0.1, 3.1.0, 3.1.1, 3.2.0

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php.

References: