Filtered by vendor Fastadmin
Subscriptions
Filtered by product Fastadmin
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43117 | 1 Fastadmin | 1 Fastadmin | 2021-12-17 | 9.8 Critical |
| fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access. | ||||
| CVE-2020-25967 | 2 Fastadmin, Microsoft | 2 Fastadmin, Windows | 2021-07-21 | 8.8 High |
| The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. | ||||
| CVE-2020-26609 | 1 Fastadmin | 1 Fastadmin | 2021-03-04 | 5.4 Medium |
| fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background. | ||||
| CVE-2020-21665 | 1 Fastadmin | 1 Fastadmin | 2020-11-30 | 7.2 High |
| In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. | ||||
| CVE-2019-17432 | 1 Fastadmin | 1 Fastadmin | 2020-08-24 | 6.5 Medium |
| An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name] parameter. | ||||
| CVE-2019-11077 | 1 Fastadmin | 1 Fastadmin | 2019-10-15 | 8.8 High |
| FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | ||||
| CVE-2019-17431 | 1 Fastadmin | 1 Fastadmin | 2019-10-11 | 8.8 High |
| An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability. | ||||
| CVE-2018-10268 | 1 Fastadmin | 1 Fastadmin | 2018-05-25 | N/A |
| An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar parameter. | ||||
Page 1 of 1.