CVE-2024-7928

Source
https://cve.org/CVERecord?id=CVE-2024-7928
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7928.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-7928
Published
2024-08-19T22:15:06.203Z
Modified
2025-11-20T12:28:54.026342Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
[none]
Details

A vulnerability classified as problematic has been found in FastAdmin up to 1.3.3.20220121. It affects some unknown functionality of the file /index/ajax/lang. Manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.4.20220530 addresses this issue. It is recommended to upgrade the affected component.

References

Affected packages

Git / github.com/karsonzhang/fastadmin

Affected ranges

Type
GIT
Repo
https://github.com/karsonzhang/fastadmin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v0.*
v0.1.0.20170721_beta
v1.*
v1.0.0.20170808_beta
v1.0.0.20170816_beta
v1.0.0.20170915_beta
v1.0.0.20171026_beta
v1.0.0.20171206_beta
v1.0.0.20180117_beta
v1.0.0.20180119_beta
v1.0.0.20180204_beta
v1.0.0.20180222_beta
v1.0.0.20180308_beta
v1.0.0.20180310_beta
v1.0.0.20180314_beta
v1.0.0.20180327_beta
v1.0.0.20180401_beta
v1.0.0.20180406_beta
v1.0.0.20180417_beta
v1.0.0.20180506_beta
v1.0.0.20180513_beta
v1.0.0.20180618_beta
v1.0.0.20180630_beta
v1.0.0.20180806_beta
v1.0.0.20180911_beta
v1.0.0.20181031_beta
v1.0.0.20181127_beta
v1.0.0.20181210_beta
v1.0.0.20190111_beta
v1.0.0.20190301_beta
v1.0.0.20190318_beta
v1.0.0.20190407_beta
v1.0.0.20190410_beta
v1.0.0.20190418_beta
v1.0.0.20190510_beta
v1.0.0.20190628_beta
v1.0.0.20190705_beta
v1.0.0.20190930_beta
v1.0.0.20191101_beta
v1.0.0.20191212_beta
v1.0.0.20200228_beta
v1.0.0.20200506_beta
v1.0.0.20201001_beta
v1.0.0.20201008_beta
v1.2.0.20210125_beta
v1.2.0.20210401_beta
v1.2.1.20210731_beta
v1.2.2.20211011_beta
v1.3.2.20220113
v1.3.3.20220121

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7928.json"