CVE-2023-24775: SQL Injection
First published: Tue Mar 07 2023(Updated: )
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Funadmin Funadmin | =3.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-24775.
What is the severity of CVE-2023-24775?
The severity of CVE-2023-24775 is critical with a score of 9.8.
What is the affected software version for CVE-2023-24775?
The affected software version for CVE-2023-24775 is Funadmin v3.2.0.
What is the CWE ID for CVE-2023-24775?
The CWE ID for CVE-2023-24775 is 89.
How can I fix the SQL injection vulnerability in Funadmin v3.2.0?
To fix the SQL injection vulnerability in Funadmin v3.2.0, update to a patched version of the software.
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/funadmin
- canonical/funadmin funadmin
- version/funadmin funadmin/3.2.0