EUVD-2023-38874
Malicious code in bioql PyPI...
CVE-2020-35296
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
CVE-2020-25540
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter...
VulnCheck KEV: CVE-2020-25540
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter...
CVE-2023-34833
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...
Privilege escalation
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-34833
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-34833
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-34833
CVE-2023-34833 describes an arbitrary file upload vulnerability in ThinkAdmin v6 at the /api/upload.php endpoint, enabling attackers to run arbitrary code via a crafted file. Affected product: ThinkAdmin v6; vulnerable component: /api/upload.php. Underlying issue: arbitrary file upload without pr...
ThinkAdmin Admin Panel Access using Default Credentials
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
GHSA-CXV7-6JGF-7GWF ThinkAdmin Admin Panel Access using Default Credentials
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
GHSA-2QM5-R82G-5HCX ThinkAdmin directory traversal vulnerability
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter...
GHSA-V47F-VP3P-5J6H Cross-site scripting in ThinkAdmin
ThinkAdmin version v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML...
CVE-2020-35296
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
Design/Logic Flaw
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
CVE-2020-35296
ThinkAdmin v6 contains default administrator credentials that enable attackers to gain unrestricted access to the administrator dashboard. The CVE entry notes unrestricted admin access as the impact. Public references corroborate default-credential risk, but exploit details are not provided in th...
CVE-2020-35296
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administrator dashboard access...
ThinkAdmin v6 File Disclosure
File disclosure vulnerability in ThinkAdmin admin.html. Vulnerability Type: File Disclosure. For the exploit source code contact DSquare Security sales team...
CVE-2020-25540
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter...
Directory traversal
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter...