821 matches found
GHSA-P4QR-VQ2G-22WP ThinkPHP Framework vulnerable to remote code execution
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
ThinkPHP Framework vulnerable to remote code execution
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
Design/Logic Flaw
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
nbnbk 路径遍历漏洞
nbnbk is based on thinkphp5 cms management system , B2C e-commerce open source php mall system platform , tp5 open source cms , thinkphp enterprise website source code for blogs , small and medium-sized enterprises to build a station secondary development . nbnbk there is a security vulnerability...
PT-2022-28094
Name of the Vulnerable Software and Affected Versions ThinkPHP Framework versions prior to 6.0.14 Description The issue allows local file inclusion via the lang parameter when the language pack feature is enabled lang switch on=true. An unauthenticated and remote attacker can exploit this to...
ThinkPHP 路径遍历漏洞
ThinkPHP is a PHP-based, open source, lightweight web application development framework from China's Top Thinking Information Technology Company. A security vulnerability exists in ThinkPHP Framework versions prior to 6.0.14, which originates from allowing local files to be included via the lang...
CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
CVE-2022-47945
ThinkPHP Framework versions before 6.0.14 are vulnerable to local file inclusion via the lang parameter when lang_switch_on=true. An unauthenticated, remote attacker can exploit this to run arbitrary OS commands (illustrated by including pearcmd.php). Affected component: ThinkPHP language-pack/LF...
nbnbk 跨站请求伪造漏洞
nbnbk is based on thinkphp5 cms management system , B2C e-commerce open source php mall system platform , tp5 open source cms , thinkphp enterprise website source code for blogs , small and medium-sized enterprises to build a station secondary development . nbnbk There is a security vulnerability...
nbnbk 代码问题漏洞
nbnbk is based on thinkphp5 cms management system , B2C e-commerce open source php mall system platform , tp5 open source cms , thinkphp enterprise website source code for blogs , small and medium-sized enterprises to build a station secondary development . nbnbk There is a security vulnerability...
ThinkPHP Command Execution Vulnerability (CNVD-2022-86535)
ThinkPHP is an open source lightweight PHP framework created to simplify enterprise-level application development and agile WEB application development. ThinkPHP there is a command execution vulnerability , the vulnerability is due to the opening of the multi-language function , the parameter lan...
Thinkphp has a code logic error
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
GHSA-59FH-RJQ3-XQ7J Thinkphp has a code logic error
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
Unrestricted file upload
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
ThinkPHP 5.0.24–5.1.41 contains a code-logic error in the file-upload path that can allow an attacker to obtain shell access (remote code execution) on affected servers. Exploitation details are not provided in the CVE, but multiple sources concur on the vulnerability scope and impact. A fix exis...