csffs

2 exploits Active since Mar 2023
CVE-2023-24775 NOMISEC CRITICAL WORKING POC
funadmin v3.2.0 - SQL Injection via selectFields Parameter
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.
2 stars
CVSS 9.8
CVE-2023-1671 NOMISEC CRITICAL WORKING POC
Sophos Web Appliance <4.3.10.4 - Command Injection
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
CVSS 9.8