CVE-2023-48965

An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file...

CVE-2023-34833

An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...

CVE-2019-11018

application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change...

ThinkAdmin 代码问题漏洞

ThinkAdmin is ThinkAdmin open source a set of general purpose backend management system based on ThinkPHP framework. A code issue vulnerability exists in ThinkAdmin 6.1.67 and earlier versions, which stems from improper handling of the parameter uptoken, leading to deserialization...

ThinkAdmin Security Vulnerability

ThinkAdmin is a general purpose backend management system based on the ThinkPHP framework. A security vulnerability exists in ThinkAdmin version v6.1.53. An attacker can exploit this vulnerability to download malicious PHP files by providing a specially crafted URL to obtain a shell...

ThinkAdmin 代码问题漏洞

ThinkAdmin is a general-purpose backend management system based on ThinkPHP framework. ThinkAdmin v6 version has a security vulnerability, the vulnerability stems from /api/upload.php in the existence of arbitrary file upload vulnerability, an attacker can be constructed through the file to execu...