CVE-2025-14966 | FastAdmin up to 1.7.0.20250506 Backend Controller Backend.php selectpage custom/searchField sql injection

Inserito da Angelo Barbosa | Dic 19, 2025 | CVE

A vulnerability was found in FastAdmin up to 1.7.0.20250506 and classified as critical. Affected is the function selectpage of the file application/common/controller/Backend.php of the component Backend Controller. Executing manipulation of the argument custom/searchField can lead to sql injection.

This vulnerability is registered as CVE-2025-14966. It is possible to launch the attack remotely. Furthermore, an exploit is available.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

CVE-2025-14966 | FastAdmin up to 1.7.0.20250506 Backend Controller Backend.php selectpage custom/searchField sql injection

Post correlati

CVE-2024-8084 | SourceCodester Online Computer and Laptop Store 1.0 Setting SystemSettings.php System Name cross site scripting

CVE-2024-11661 | Codezips Free Exam Hall Seating Management System 1.0 Profile Image profile.php image unrestricted upload

CVE-2025-11164 | Mavix Education Theme Plugin up to 1.0 on WordPress Plugin Activation mavix_education_activate_plugin authorization

CVE-2025-46707 | Imagination Graphics DDK up to 1.15 RTM/1.17 RTM/1.18 RTM/23.3 RTM exposure of resource