
Fastadmin

1 CVEs product

Monthly

CVE-2025-14966 LOW POC Monitor

SQL injection in FastAdmin up to version 1.7.0.20250506 allows high-privilege authenticated attackers to execute arbitrary SQL queries via manipulation of the custom/searchField parameter in the selectpage function of the Backend Controller. The vulnerability requires administrator-level privileges and has publicly available exploit code, though the low CVSS score (2.0) and minimal EPSS exploitation probability (0.06%) indicate limited real-world risk despite active disclosure.

PHP SQLi Fastadmin
NVD VulDB
CVSS 4.0: 2.0
EPSS: 0.1%
