8 matches found
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
GHSA-J7G8-3QQG-8CVM ThinkPHP SQLi Vulnerability
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
ThinkPHP SQLi Vulnerability
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
GHSA-Q868-C4VW-QJX3 ThinkPHP5 SQL Injection vulnerability
SQL Injection vulnerability exists in ThinkPHP5 5.0.x =5.1.22 via the parseOrder function in Builder.php...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
Sql injection
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
CVE-2018-18546 affects ThinkPHP 3.2.4. The vulnerability is an SQL Injection via the order parameter caused by mishandling of the key in Library/Think/Db/Driver.class.php parseOrder. Public CVSS details indicate high to critical impact (CVSS2 base 7.5; CVSS3 base 9.8). Exploitation details are no...