RSS   Vulnerabilities for 'Fastadmin'   RSS

2021-12-13
 
CVE-2021-43117

CWE-434
 

 
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.

 
2021-02-23
 
CVE-2020-26609

CWE-79
 

 
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.

 
2019-10-10
 
CVE-2019-17432

CWE-352
 

 
An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name] parameter.

 
 
CVE-2019-17431

CWE-352
 

 
An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability.

 
2019-04-10
 
CVE-2019-11077

CWE-352
 

 
FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.

 
2018-04-21
 
CVE-2018-10268

CWE-79
 

 
An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top