ThinkPHP is a PHP-based, open-source, lightweight web application development framework from China Top Thinking Information Technology. thinkPHP v6.0.12 version has a deserialization vulnerability, which originates from the component vendorleagueflysystem-cached- adaptersrcStorageAbstractCache.php in receiving unsafe deserialization of serialized data submitted by the user. An attacker could exploit this vulnerability to execute arbitrary code via a carefully crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
δΈε½ι‘Άζ³δΏ‘ζ―η§ζε ¬εΈ thinkphp v | eq | 6.0.12 |