Lucene search
K

11 matches found

Nuclei
Nuclei
added 2026/06/25 5:45 a.m.16 views

ThinkPHP < 3.2.4 - Remote Code Execution

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via the s parameter in index.php through the invokefunction functionality. id: CVE-2019-9082 info: name: ThinkPHP 3.2.4 - Remote Code Execution author: 0xanis severity: high description: |...

9.3CVSS7.5AI score0.97419EPSS
Exploits8References5
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.282 views

ThinkPHP - Multiple PHP Injection RCEs (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinkPHP Multiple PHP Injection RCEs', 'Description' = %q This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web...

7.4AI score
Exploits0
Circl
Circl
added 2020/04/13 2:35 p.m.26 views

CVE-2019-9082

creationtimestamp| type| source ---|---|--- 2020-04-13 14:35:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/thinkphprce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48333 2021-11-08 08:58:20+00:00| seen|...

9.3CVSS7.5AI score0.97419EPSS
Exploits8References12
Check Point Advisories
Check Point Advisories
added 2019/07/08 12:0 a.m.14 views

NoneCMS ThinkPHP Remote Code Execution (CVE-2019-9082)

...

9.3CVSS2.2AI score0.97419EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/03/04 12:0 a.m.138 views

zzzphp CMS 1.6.1 - Cross-Site Request Forgery

Exploit Title: Cross-Site Request ForgeryCSRF of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 26/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on:...

9.3CVSS8AI score0.97419EPSS
Exploits8
exploitpack
exploitpack
added 2019/03/04 12:0 a.m.96 views

zzzphp CMS 1.6.1 - Cross-Site Request Forgery

zzzphp CMS 1.6.1 - Cross-Site Request Forgery Exploit Title: Cross-Site Request ForgeryCSRF of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 26/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip...

10CVSS0.6AI score0.97419EPSS
Exploits13
Packet Storm
Packet Storm
added 2019/03/04 12:0 a.m.155 views

zzzphp CMS 1.6.1 Cross Site Request Forgery

Exploit Title: Cross-Site Request ForgeryCSRF of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 26/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on:...

10CVSS0.4AI score0.97419EPSS
Exploits13
0day.today
0day.today
added 2019/03/04 12:0 a.m.103 views

zzzphp CMS 1.6.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Cross-Site Request ForgeryCSRF of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 26/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link:...

10CVSS0.97419EPSS
Exploits13
Cvelist
Cvelist
added 2019/02/24 6:0 p.m.48 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

8.9AI score0.97419EPSS
Exploits8References2
CVE
CVE
added 2019/02/24 6:0 p.m.1295 views

CVE-2019-9082

ThinkPHP CVE-2019-9082 affects ThinkPHP before 3.2.4 (used in Open Source BMS v1.1.1). The vulnerability allows Remote Command Execution via a crafted request to public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=..., enabling an attacker to run comm...

9.3CVSS8.7AI score0.97419EPSS
In wildExploits8References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2019/01/13 12:0 a.m.2 views

VulnCheck KEV: CVE-2019-9082

ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

9.3CVSS7.9AI score0.97419EPSS
Exploits8References1
Rows per page
Query Builder