825 matches found
SchoolCMS injection vulnerability
SchoolCMS is an open source school teaching management system based on the ThinkPHP framework, by the individual developer Devil. The system includes student management, grade management and teacher management. SchoolCMS version 2.3.1 suffers from an injection vulnerability; the vulnerability stems...
EyouCMS code issue vulnerability
EyouCMS is an open source content management system (CMS) based on ThinkPHP by China's Eyou. A code issue vulnerability exists in EyouCMS version 1.5.6, which stems from an unrestricted file upload issue contained in the Website Logo Handler component...
Understanding Deserialization
Thinkphp is vulnerable to Understanding Deserialization. The vulnerability is due to improper validation and handling of serialized user input in the \controller\Index.php component, allowing attackers to execute arbitrary code...
ThinkAdmin code issue vulnerability
ThinkAdmin is an open source general-purpose backend management system from ThinkAdmin, based on the ThinkPHP framework. A code issue vulnerability exists in ThinkAdmin 6.1.67 and earlier versions, which stems from improper handling of the parameter uptoken, leading to deserialization...
wtcms cross-site scripting vulnerability
wtcms is a ThinkPHP-based content management system (CMS). A cross-site scripting vulnerability exists in version 1.0 of wtcms, which stems from unprocessed application parameters in the plupload method in the file AssetController.class.php, and can be exploited by an attacker to execute arbitrary...
GHSA-PJHX-J53P-C5F5 ThinkPHP deserialization vulnerability
A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code...
ThinkPHP deserialization vulnerability
A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code...
CVE-2024-48112
A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code...
PT-2024-32992 · Thinkphp · Thinkphp
Name of the Vulnerable Software and Affected Versions: Thinkphp versions 6.1.3 through 8.0.4. Description: A deserialization issue in the \controller\Index.php component allows attackers to execute arbitrary code. Recommendations: For versions 6.1.3 through 8.0.4, update to a version that contains a...
ThinkPHP security vulnerability
ThinkPHP is a PHP-based, open source, lightweight web application development framework from China's Top Think Information Technology Company. A security vulnerability exists in ThinkPHP versions 6.1.3 to 8.0.4, which stems from a deserialization vulnerability in...
CVE-2024-48112
ThinkPHP deserialization vulnerability CVE-2024-48112 affects ThinkPHP v6.1.3–v8.0.4 in the \controller\Index.php component, allowing arbitrary code execution due to deserializing untrusted data. Impact is code execution with high severity; exploit details are not consistently published across so...
EyouCms security vulnerability
EyouCms is an open source content management system (CMS) based on ThinkPHP by China's Eyou. A security vulnerability exists in EyouCMS v1.6.7, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to obtain sensitive information by scripting the post...
EyouCms security vulnerability
EyouCms is an open source content management system (CMS) based on ThinkPHP by China's Eyou. A security vulnerability exists in EyouCMS v1.6.7, which originated from allowing remote attackers to obtain sensitive information by scripting the post parameters...
wtcms security vulnerability
wtcms is a ThinkPHP-based content management system (CMS) by the individual developer Taosir. A security vulnerability exists in version 1.0 of wtcms, which stems from an incorrect access control issue in the file CommonControllerHomebaseController.class.php...
Funadmin security vulnerability
FunAdmin is an open source, lightweight and visually appealing backend development system from FunAdmin, built on ThinkPHP6 and Layui. A security vulnerability exists in Funadmin version 5.0.2, which originates from an arbitrary file deletion vulnerability in /curd/index/delfile...
FunAdmin security vulnerability
FunAdmin is an open source, lightweight and visually appealing backend development system from FunAdmin, built on ThinkPHP6 and Layui. A security vulnerability exists in FunAdmin version 5.0.2, which originates from a SQL injection vulnerability in /curd/table/edit...
GHSA-F4WH-359G-4PQ7 ThinkPHP deserialization vulnerability
A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code...