王傑

Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: Reflection XSS Vulnerability details: The selectfiles method in the funadmin\app\backend\controller\sys\Attachh.php file directly stores the passed parameters and values...

Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability details: The parentField parameter in the index method of funadmin\app\backend\controller\auth\Auth.php has SQL injection Vulnerability location：funadmin\app\backend\controller\auth\Auth.php#index...

Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability details: The selectFields [value] parameter in the index method of funadmin\app\backend\controller\auth\Auth.php has SQL injection Vulnerability...

Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability details: Curd One Click Command Mode funadmin\app\curd\controller\Index.php add SQL Injection Vulnerability Install the Curd One...

Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: Program logic defect Vulnerability details: Curd One Click Command Mode funadmin\app\curd\common.php getSystemTable Delete any data table Install the...