Lucene search
+L

8 matches found

nuclei
nuclei
added 2026/06/25 5:45 a.m.20 views

ThinkPHP < 3.2.4 - Remote Code Execution

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via the s parameter in index.php through the invokefunction functionality. id: CVE-2019-9082 info: name: ThinkPHP 3.2.4 - Remote Code Execution author: 0xanis severity: high description: |...

9.3CVSS7.5AI score0.97419EPSS
Exploits8References5
nvd
nvd
added 2019/02/24 6:29 p.m.34 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

9.3CVSS8.9AI score0.97419EPSS
Exploits8References4
prion
prion
added 2019/02/24 6:29 p.m.36 views

Command injection

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

9.3CVSS8.8AI score0.97419EPSS
Exploits8References3Affected Software3
osv
osv
added 2019/02/24 6:29 p.m.40 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

8.8CVSS7.1AI score0.97419EPSS
Exploits8References4
vulnrichment
vulnrichment
added 2019/02/24 6:0 p.m.12 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

7.3AI score0.97419EPSS
Exploits8References2
cvelist
cvelist
added 2019/02/24 6:0 p.m.50 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command...

8.9AI score0.97419EPSS
Exploits8References2
cve
cve
added 2019/02/24 6:0 p.m.1314 views

CVE-2019-9082

ThinkPHP CVE-2019-9082 affects ThinkPHP before 3.2.4 (used in Open Source BMS v1.1.1). The vulnerability allows Remote Command Execution via a crafted request to public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=..., enabling an attacker to run comm...

9.3CVSS8.7AI score0.97419EPSS
In wildExploits8References4Affected Software1
attackerkb
attackerkb
added 2019/02/24 12:0 a.m.90 views

CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=calluserfuncarray&vars0=system&vars1= followed by the command. Recent assessments: Mad-robot at July 05, 2020 1:53pm UTC reported:...

9.3CVSS9AI score0.97419EPSS
In wildExploits8References6
Rows per page
Query Builder