← Back to CVE List
CVE-2020-21665
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt