che-my/fastadmin-tp6

Releases0

Stars20

fastadmin升级thinkphp6.0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-21667 ↗	Nov 13, 2020Friday, 13 November 2020, 16:15	7.2 HIGH	6.5 MEDIUM
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.