Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-25481
HistoryMar 21, 2022 - 12:15 a.m.

CVE-2022-25481

2022-03-2100:15:07
Google
osv.dev
15
thinkphp
v5.0.24
misconfigured
pathinfo
parameter
system environment
index.php
attackers
software

AI Score

7.3

Confidence

High

EPSS

0.013

Percentile

85.7%

JSON

ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php.

Related

nvd 1
veracode 1
prion 1
github 1
vulnrichment 1
cve 1
osv 1
cvelist 1
nuclei 1
nvd
nvd
CVE-2022-25481
2022-03-21 00:15:07
veracode
veracode
Information Exposure
2022-03-22 07:58:44
prion
prion
Code injection
2022-03-21 00:15:00
github
github
Exposure of Resource to Wrong Sphere in ThinkPHP Framework
2022-03-22 00:00:43
vulnrichment
vulnrichment
CVE-2022-25481
2022-03-20 00:00:00
cve
cve
CVE-2022-25481
2022-03-21 00:15:07
osv
osv
Exposure of Resource to Wrong Sphere in ThinkPHP Framework
2022-03-22 00:00:43
cvelist
cvelist
CVE-2022-25481
2022-03-20 00:00:00
nuclei
nuclei
ThinkPHP 5.0.24 - Information Disclosure
2022-11-24 16:42:41

AI Score

7.3

Confidence

High

EPSS

0.013

Percentile

85.7%

JSON
Related for OSV:CVE-2022-25481
nvd1veracode1prion1github1vulnrichment1cve1osv1cvelist1nuclei1