Filtered by vendor Fastadmin
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25967 | 2 Fastadmin, Microsoft | 2 Fastadmin, Windows | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. | |||||
| CVE-2020-21665 | 1 Fastadmin | 1 Fastadmin | 2020-11-30 | 6.5 MEDIUM | 7.2 HIGH |
| In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. | |||||
| CVE-2019-11077 | 1 Fastadmin | 1 Fastadmin | 2019-10-15 | 6.8 MEDIUM | 8.8 HIGH |
| FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | |||||
| CVE-2019-17431 | 1 Fastadmin | 1 Fastadmin | 2019-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability. | |||||