149 matches found
Arbitrary file deletion
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in doavatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server...
CVE-2018-16141
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in doavatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server...
CVE-2018-16141
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in doavatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server...
CVE-2018-16141
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar() within the ProfileController.class.php, exploitable via the imgurl parameter using a ..\ sequence. A member user can delete arbitrary files on a Windows server. Documented as CVE-2018-16141 in NVD/CNVD listings; no remedi...
CVE-2018-16141
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in doavatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server...
SQL Injection Vulnerability in ThinkCMF
ThinkCMF is a Chinese Content Management Framework CMF based on ThinkPHP+MYSQL. ThinkCMF has a SQL injection vulnerability , attackers can exploit the vulnerability to obtain sensitive database data...
thinkcmf background getshell
No description provided by source...
thinkcmf \application\User\Controller\ProfileController.class.php arbitrary file delete vulnerability
No description provided by source...
ThinkCMF 信息泄露漏洞
No description provided by source...