3 matches found
CVE-2018-18529
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI...
CVE-2018-18529
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI...
CVE-2018-18529
ThinkPHP 3.2.4 is affected by an SQL injection in the count parameter due to the parseKey function in Library/Think/Db/Driver/Mysql.class.php mishandling the key variable. This is documented across multiple sources (NVD, Red Hat, GHSA, CNVD, osv) and consistently references the same root cause. T...