149 matches found

NVD
added 2021/12/22 11:15 p.m. · 11 views

CVE-2020-20601

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet...

9.8 CVSS · 0.07598 EPSS
Exploits: 1 · References: 1

Prion
added 2021/12/22 11:15 p.m. · 18 views

Code injection

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet...

7.5 CVSS · 9.5 AI score · 0.07598 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2021/12/22 10:43 p.m. · 55 views

CVE-2020-20601

ThinkCMF X2.2.2 and earlier are affected by CVE-2020-20601, a remote code execution vulnerability caused by processing crafted packets. The nuclei template specifies that unauthenticated attackers can remotely execute arbitrary PHP code on ThinkCMF servers by sending malicious packets, potentiall...

9.8 CVSS · 9.5 AI score · 0.07598 EPSS
In wild · Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2021/12/22 10:43 p.m. · 21 views

CVE-2020-20601

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet...

9.6 AI score · 0.07598 EPSS
Exploits: 1 · References: 1

CNNVD
added 2021/12/22 12:00 a.m. · 4 views

ThinkCMF Code Injection Vulnerability

ThinkCMF is a CMS Content Management System based on ThinkPHP. ThinkCMF version X2.2.2 has a security vulnerability that can be exploited by attackers to execute arbitrary code via a crafted package...

9.8 CVSS · 6.2 AI score · 0.07598 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2021/12/22 12:00 a.m. · 7 views

PT-2021-10516

Name of the Vulnerable Software and Affected Versions: ThinkCMF versions X2.2.2 and below Description: An issue in ThinkCMF allows attackers to execute arbitrary code via a crafted packet. Recommendations: For ThinkCMF versions X2.2.2 and below, at the moment, there is no information about a newe...

9.8 CVSS · 7.3 AI score · 0.07598 EPSS
Exploits: 1 · References: 5

CNVD
added 2021/07/15 12:00 a.m. · 13 views

ThinkCMF Cross-site Request Forgery Vulnerability

ThinkCMF is a CMS Content Management System based on ThinkPHP. ThinkCMF v5.1.0 is vulnerable to cross-site request forgery, which allows attackers to add administrator accounts. No details of the vulnerability are currently available...

6.5 CVSS · 4.7 AI score · 0.00473 EPSS
Exploits: 1 · References: 1

NVD
added 2021/07/14 7:15 p.m. · 21 views

CVE-2020-18151

Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account...

6.5 CVSS · 0.00473 EPSS
Exploits: 1 · References: 1

OSV
added 2021/07/14 7:15 p.m. · 9 views

CVE-2020-18151

Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account...

6.5 CVSS · 7 AI score
Exploits: 0 · References: 1

Prion
added 2021/07/14 7:15 p.m. · 14 views

Cross site request forgery (CSRF)

Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account...

4.3 CVSS · 6.6 AI score · 0.00473 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2021/07/14 6:18 p.m. · 58 views

CVE-2020-18151

ThinkCMF v5.1.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that can be abused to add an administrator account. The CVE-2020-18151 entry documents CSRF as the underlying issue without detailing the exact user flow or vulnerable endpoints in the connected sources. The initial ...

6.5 CVSS · 6.5 AI score · 0.00473 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2021/07/14 6:18 p.m. · 22 views

CVE-2020-18151

Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account...

6.6 AI score · 0.00473 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2021/07/14 12:00 a.m. · 4 views

PT-2021-10140 · Thinkcmf · Thinkcmf

Name of the Vulnerable Software and Affected Versions: ThinkCMF version 5.1.0 Description: The issue is related to a Cross Site Request Forgery (CSRF) vulnerability, which can be exploited to add an admin account. This allows an attacker to potentially gain unauthorized access to the system...

6.5 CVSS · 6.5 AI score · 0.00473 EPSS
Exploits: 1 · References: 8

CNNVD
added 2021/07/14 12:00 a.m. · 3 views

ThinkCMF Cross-Site Request Forgery Vulnerability

ThinkCMF is a CMS Content Management System based on ThinkPHP. ThinkCMF v5.1.0 is vulnerable to cross-site request forgery, which allows attackers to add administrator accounts. No details of the vulnerability are currently available...

6.5 CVSS · 5.4 AI score · 0.00473 EPSS
Exploits: 1 · References: 2

Check Point Advisories
added 2021/01/20 12:00 a.m. · 3 views

ThinkCMF ThinkCMFX Remote Code Execution

A remote code execution vulnerability exists in ThinkCMF ThinkCMFX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.6 AI score
Exploits: 0

CNVD
added 2019/10/30 12:00 a.m. · 1 view

Command Execution Vulnerability in ThinkCMFX

ThinkCMF is a Chinese content management framework based on ThinkPHP+MySQL, of which the X series is based on ThinkPHP 3.2.3. A command execution vulnerability exists in ThinkCMFX, which can be exploited by attackers to execute malicious code...

7.4 AI score
Exploits: 0

CNVD
added 2019/09/16 12:00 a.m. · 1 view

File upload vulnerability in ThinkCMF frontend Ue***.cl***.php file

ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A file upload vulnerability exists in the ThinkCMF frontend Ue.cl.php file. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

7.1 AI score
Exploits: 0

NVD
added 2019/02/07 5:29 p.m. · 22 views

CVE-2019-7580

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

8.8 CVSS · 9.1 AI score · 0.09935 EPSS
Exploits: 3 · References: 2

Prion
added 2019/02/07 5:29 p.m. · 18 views

Design/Logic Flaw

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

6.5 CVSS · 9.1 AI score · 0.09935 EPSS
Exploits: 3 · References: 2 · Affected Software: 1

OSV
added 2019/02/07 5:29 p.m. · 17 views

CVE-2019-7580

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

8.8 CVSS · 8.2 AI score
Exploits: 0 · References: 2