Lucene search
MitreCVELIST:CVE-2022-47945HistoryDec 23, 2022 - 12:00 a.m.
CVE-2022-47945
2022-12-2300:00:00
mitre
www.cve.org
cve-2022-47945
thinkphp
file inclusion
language pack
remote attacker
arbitrary commands
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.
Related
osv
osv
ThinkPHP Framework vulnerable to remote code execution
2022-12-23 21:30:17
CVE-2022-47945
2022-12-23 21:15:09
cve
cve
CVE-2022-47945
2022-12-23 21:15:09
prion
prion
Design/Logic Flaw
2022-12-23 21:15:00
github
github
ThinkPHP Framework vulnerable to remote code execution
2022-12-23 21:30:17
nvd
nvd
CVE-2022-47945
2022-12-23 21:15:09
veracode
veracode
Remote Code Execution (RCE)
2023-01-02 13:03:01
nuclei
nuclei
Thinkphp Lang - Local File Inclusion
2022-12-23 07:25:38