GHSA-7g53-jj25-jhgr, CVE-2023-24776
packagist/funadmin/funadmin
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php.
All versions up to 3.2.0
Unfortunately, there is no solution available yet.
2023-03-22
source |