pkg:Packagist/funadmin/funadmin

26 total CVEsCRITICAL16HIGH5MEDIUM3LOW2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2024-48230SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2024-48229SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2024-48223SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2024-48222SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2024-48226SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2024-48218SQL injection in funadmin
    from 0, <= 5.0.2
  • CRITICAL9.8CVE-2023-36097fuadmin vulnerable to insecure file upload
    >= 3.3.2, <= 3.3.3
  • CRITICAL9.8CVE-2023-24774Funadmin vulnerable to SQL injection
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24777SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24782SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24773SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24780SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24775SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24781SQL Injection in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.8CVE-2023-24776Remote code execution in Funadmin
    from 0, <= 3.2.0
  • CRITICAL9.1CVE-2024-48225SQL injection in funadmin
    from 0, <= 5.0.2
  • HIGH7.5CVE-2024-48227Logic flaw in Funadmin
    from 0, <= 5.0.2
  • HIGH7.5CVE-2024-48224SQL injection in funadmin
    from 0, <= 5.0.2
  • HIGH7.3CVE-2026-7733Funadmin has an Improper Access Control Issue
    from 0, <= 7.1.0-rc6
  • HIGH7.3CVE-2026-2896funadmin has Incorrect Privilege Assignment in its Configuration Handler
    from 0, <= 7.1.0-rc4
  • HIGH7.2CVE-2024-48231SQL injection in funadmin
    from 0, <= 5.0.2
  • MEDIUM6.1CVE-2024-48228Funadmin Cross-site Scripting vulnerability
    from 0, <= 5.0.2
  • MEDIUM5.5CVE-2026-2898funadmin: Deserialization Vulnerability in Backend Endpoint via AuthCloudService getMember Function
    from 0, <= 7.1.0-rc4
  • MEDIUM5.3CVE-2026-2894funadmin exposes sensitive information via getMember function
    from 0, <= 7.1.0-rc4
  • LOW3.7CVE-2026-2895funadmin has Weak Password Recovery Mechanism for Forgotten Password
    from 0, <= 7.1.0-rc4
  • LOW2.4CVE-2026-2897funadmin: XSS through Value argument in Backend Interface component
    from 0, <= 7.1.0-rc4