23 matches found
EUVD-2021-2568
Malware in sbrugna...
shopcms_lang security vulnerability
shopcmslang is an open source online store system based on ThinkPHP5. A security vulnerability exists in shopcmslang; it stems from an insecure privilege vulnerability that allows remote attackers to elevate privileges through the coverid parameter...
ThinkPHP5 SQL Injection vulnerability
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
GHSA-Q868-C4VW-QJX3 ThinkPHP5 SQL Injection vulnerability
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
CVE-2021-44350
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
CVE-2021-44350
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
SQL injection
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
CVE-2021-44350
CVE-2021-44350 is a ThinkPHP5 SQL injection vulnerability affecting ThinkPHP5 5.0.x up to 5.1.22 via the parseOrder function in Builder.php. The issue is confirmed in multiple feeds (NVD entry with CVSS 7.5 / 9.8 and other references) and is described as an SQL injection vulnerability with potent...
CVE-2021-44350
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php...
DolphinPHP has a command execution vulnerability
DolphinPHP is an open source PHP rapid development framework based on ThinkPHP5. DolphinPHP has a command execution vulnerability, which can be exploited to gain access to the server...
File Upload Vulnerability in YunCMS
YunCMS is a CMS based on the ThinkPHP5 framework. A file upload vulnerability exists in YunCMS, which can be exploited by attackers to gain control of the server...
File upload vulnerability exists in LaySNS (CNVD-2021-44004)
LaySNS is an integrated website system built on ThinkPHP5 and LayUI that combines content publishing and community exchange. A file upload vulnerability exists in LaySNS, which can be exploited to obtain server control privileges...
Command Execution Vulnerability in HulaCWMS
HulaCWMS (Hula enterprise website management system) is an enterprise website management system developed on the ThinkPHP5 framework. HulaCWMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the web server...
File Inclusion Vulnerability in HisiPHP
HisiPHP is a free, open source web framework developed on ThinkPHP5 + Layui. HisiPHP has a file inclusion vulnerability. Attackers can use the vulnerability to obtain server privileges...
Command Execution Vulnerability in HisiPHP
HisiPHP is a free, open source web framework developed on ThinkPHP5 + Layui. HisiPHP has a command execution vulnerability. Attackers can use the vulnerability to obtain server privileges...
Command execution vulnerability exists in HisiPHP (CNVD-2020-48613)
HisiPHP is a free, open source web framework developed on ThinkPHP5 + Layui. HisiPHP has a command execution vulnerability. Attackers can use the vulnerability to obtain server privileges...
Command Execution Vulnerability in Hisiphp V2.0.10
HisiPHP is a free, open source web framework developed on ThinkPHP5 + Layui. Hisiphp V2.0.10 has a command execution vulnerability: an attacker can exploit the vulnerability to write a configuration file, and the configuration file contains, execute commands...
Arbitrary File Deletion Vulnerability in SIYUCMS
SIYUCMS is a content management system based on ThinkPHP5 and Bootstrap. SIYUCMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...
Arbitrary File Deletion Vulnerability in DSShop
DSShop is a single-store mall system developed on the ThinkPHP5 framework, with full support for PC, WAP, microblogging and other terminals. It is designed as a solution that adapts to a business user's entire business model and can fully meet operational needs. DSShop arbitrary...
vaeThink v1.0.1 code execution vulnerability mining analysis - vulnerability warning - the black bar safety net
0x01 Introduction: This article records the analysis of a niche CMS (vaeThink v1.0.1), covering the code execution vulnerability discovery and audit process; the CMS is developed on ThinkPHP5. As a code audit entry rookie, I also want to be able to practice and learn the process of recording an...