CVE-2024-48231

Published October 21st, 2024

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

N/A

Affected

1

PROJECT

Description

Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php.

funadmin/funadmin

全栈AI MCP开发框架🔥🔥🔥FunAdmin是基于ThinkPHP8Layui开发的轻量级高颜值后台开发系统,集成Layui常用组件、CRUD生成快速模块，非常适合二开, 点击star支持下吧

GitHub

169