funadmin/funadmin Security Advisories for v3.0 (25)
-
[MEDIUM] Funadmin has an Improper Access Control Issue
PKSA-1r81-6z2f-xhbh CVE-2026-7733 GHSA-qhh7-263p-54r3
Affected version: <=7.1.0-rc6
Reported by:
GitHub -
[LOW] funadmin: Deserialization Vulnerability in Backend Endpoint via AuthCloudService getMember Function
PKSA-rzcm-2t96-zr56 CVE-2026-2898 GHSA-gcxp-xg77-798j
Affected version: <=7.1.0-rc4
Reported by:
GitHub -
[LOW] funadmin: XSS through Value argument in Backend Interface component
PKSA-z36f-6d88-bjdd CVE-2026-2897 GHSA-rfh7-7v27-6p9r
Affected version: <=7.1.0-rc4
Reported by:
GitHub -
[MEDIUM] funadmin has Incorrect Privilege Assignment in its Configuration Handler
PKSA-dwjy-41q2-31rt CVE-2026-2896 GHSA-5m2g-4cf6-c3rg
Affected version: <=7.1.0-rc4
Reported by:
GitHub -
[LOW] funadmin has Weak Password Recovery Mechanism for Forgotten Password
PKSA-j1rx-v5j5-4zrh CVE-2026-2895 GHSA-fmr2-m7gc-577w
Affected version: <=7.1.0-rc4
Reported by:
GitHub -
[MEDIUM] funadmin exposes sensitive information via getMember function
PKSA-46y2-3dk3-ygyt CVE-2026-2894 GHSA-8hhx-xq9j-xwfj
Affected version: <=7.1.0-rc4
Reported by:
GitHub -
[LOW] Funadmin Cross-site Scripting vulnerability
PKSA-nc45-f82j-74m7 CVE-2024-48228 GHSA-j9wp-x5q5-xh2f
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-nk92-cdr6-7w2w CVE-2024-48230 GHSA-2mv8-jjm5-f3hr
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-mxrz-4hkg-3h8r CVE-2024-48229 GHSA-h345-r48x-g68f
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-24k8-87m6-b6gs CVE-2024-48225 GHSA-vw6x-c5rg-jmjp
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] Logic flaw in Funadmin
PKSA-cpn7-71x8-t5j8 CVE-2024-48227 GHSA-r9v5-q97m-rj5g
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-xd9h-8x7f-w3ky CVE-2024-48226 GHSA-9gw3-qr2f-3vg5
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-59vr-s2ft-5k3y CVE-2024-48224 GHSA-6j8f-88mh-r9vq
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-phnz-xtt4-f7rp CVE-2024-48223 GHSA-x2fr-vj74-5h35
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-3k68-pkvb-hzjf CVE-2024-48222 GHSA-5g66-93qv-565j
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-g1j1-f88w-twmr CVE-2024-48218 GHSA-h4px-9vmp-p7pv
Affected version: <=5.0.2
Reported by:
GitHub -
[HIGH] SQL injection in funadmin
PKSA-d4hs-9h6z-k34y CVE-2024-48231 GHSA-7pp4-388x-2xqj
Affected version: <=5.0.2
Reported by:
GitHub -
[CRITICAL] Funadmin vulnerable to SQL injection
PKSA-wmky-py6s-7ttq CVE-2023-24774 GHSA-jx2x-fg9p-7gc7
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-8dr8-m81d-3k8y CVE-2023-24777 GHSA-pvp6-53r9-8vxh
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-dfjp-vztm-qxv5 CVE-2023-24782 GHSA-qhq8-2f3m-gxvp
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-sptf-2tbc-f7sr CVE-2023-24773 GHSA-m8wf-wmwh-jw2m
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-g11c-x94z-t5nf CVE-2023-24780 GHSA-7pmh-8qjj-4q36
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-52sx-hrvy-3p7n CVE-2023-24775 GHSA-v43v-pv95-jc55
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] SQL Injection in Funadmin
PKSA-n9gp-wjx9-s5wr CVE-2023-24781 GHSA-vhrv-9f9g-rfrx
Affected version: <=3.2.0
Reported by:
GitHub -
[CRITICAL] Remote code execution in Funadmin
PKSA-m99v-wntc-kwzh CVE-2023-24776 GHSA-7g53-jj25-jhgr
Affected version: <=3.2.0
Reported by:
GitHub