SQL Injection Vulnerability in Funadmin by Funadmin Software
CVE-2023-24777
9.8CRITICAL
What is CVE-2023-24777?
Funadmin v3.2.0 is vulnerable to a SQL injection attack that can be exploited through the 'id' parameter at the endpoint /databases/table/list. This vulnerability allows attackers to manipulate SQL queries, potentially gaining unauthorized access to sensitive data or performing administrative actions within the application. It is crucial for users of this version to implement security measures or upgrade to a patched version to mitigate the risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved