CVE-2020-21665
Published
CVSS v3
7.2
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
基于 ThinkPHP 和 Bootstrap 的极速后台开发框架,一键生成 CRUD,自动生成控制器、模型、视图、JS、语言包、菜单、回收站。
GitHub