CVE-2023-48966
CVE-2023-48966 affects ThinkAdmin v6.1.53. The vulnerability exists in the /admin/api.upload/file component, allowing arbitrary file uploads and remote code execution via a crafted ZIP file. Documented impact is high (CVSSv3.1 8.8, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Primary sources (NVD/CNVD/G...