13 matches found
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
GHSA-J7G8-3QQG-8CVM ThinkPHP SQLi Vulnerability
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
ThinkPHP SQLi Vulnerability
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
GHSA-Q868-C4VW-QJX3 ThinkPHP5 SQL Injection vulnerability
SQL Injection vulnerability exists in ThinkPHP5 5.0.x =5.1.22 via the parseOrder function in Builder.php...
ThinkPHP5 SQL Injection vulnerability
SQL Injection vulnerability exists in ThinkPHP5 5.0.x =5.1.22 via the parseOrder function in Builder.php...
CVE-2021-44350
SQL Injection vulnerability exists in ThinkPHP5 5.0.x =5.1.22 via the parseOrder function in Builder.php...
Sql injection
SQL Injection vulnerability exists in ThinkPHP5 5.0.x =5.1.22 via the parseOrder function in Builder.php...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-21504)
ThinkPHP is an open source, lightweight PHP-based web application development framework. ThinkPHP 3.2.4 version of the Library/Think/Db/Driver.class.php file 'parseOrder' function SQL injection vulnerability, the vulnerability stems from the program incorrectly handles the variable key. remote...
Sql injection
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
CVE-2018-18546 affects ThinkPHP 3.2.4. The vulnerability is an SQL Injection via the order parameter caused by mishandling of the key in Library/Think/Db/Driver.class.php parseOrder. Public CVSS details indicate high to critical impact (CVSS2 base 7.5; CVSS3 base 9.8). Exploitation details are no...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...