821 matches found

RedhatCVE
added 2026/01/09 12:8 p.m. | 3 views

CVE-2018-18530

ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI...

CVSS 9.8 | AI score 8.1 | EPSS 0.0025
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/07 9:49 a.m. | 2 views

CVE-2022-27442

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password...

CVSS 7.5 | AI score 6.5 | EPSS 0.00265
Exploits: 1 | References: 1

CNNVD
added 2025/12/31 12:0 a.m. | 1 view

EyouCMS security vulnerability

EyouCMS is an open source content management system (CMS) based on ThinkPHP by Eyou of China. A security vulnerability exists in EyouCMS 1.7.7 and earlier versions. It stems from misuse of the function saveRemote in the file application/function.php, which could lead to server-side request...

CVSS 6.5 | AI score 6.4 | EPSS 0.00022
Exploits: 1 | References: 5

CNNVD
added 2025/12/31 12:0 a.m. | 1 view

EyouCMS code issue vulnerability

EyouCMS is an open source content management system (CMS) based on ThinkPHP by Eyou of China. A code issue vulnerability exists in EyouCMS 1.7.7 and earlier versions. It stems from incorrect handling of the parameter attstr in the file application/api/controller/Ajax.php, which could lead ...

CVSS 8.8 | AI score 6.5 | EPSS 0.00079
Exploits: 1 | References: 4

CNNVD
added 2025/12/28 12:0 a.m. | 1 view

EyouCMS SQL injection vulnerability

EyouCMS is an open source content management system (CMS) based on ThinkPHP by Eyou of China. An SQL injection vulnerability exists in EyouCMS 1.7.6 and earlier versions. It stems from incorrect handling of the parameter content in the file /application/admin/logic/FilemanagerLogic.php,...

CVSS 7.2 | AI score 5.7 | EPSS 0.00024
Exploits: 1 | References: 5

CNNVD
added 2025/12/19 12:0 a.m. | 4 views

FastAdmin SQL injection vulnerability

FastAdmin is a web backend development framework based on ThinkPHP and Bootstrap by the individual developer Karson. An SQL injection vulnerability exists in FastAdmin 1.7.0.20250506 and earlier versions. It stems from the application/common/controller/Backend.php file...

CVSS 7.2 | AI score 5.7 | EPSS 0.00033
Exploits: 1 | References: 7

GithubExploit
added 2025/12/10 3:6 a.m. | 310 views

Exploit for Deserialization of Untrusted Data in Thinkphp

CVE-2024-44902 - ThinkPHP Insecure Deserialization RCE Vulner...

CVSS 9.8 | AI score 7.8 | EPSS 0.83668
Exploits: 1

VulnCheck KEV
added 2025/12/08 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2024-44902

A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code...

CVSS 9.8 | AI score 6 | EPSS 0.83668
In wild | Exploits: 1 | References: 2

CNNVD
added 2025/11/30 12:0 a.m. | 2 views

wtcms SQL injection vulnerability

wtcms is a ThinkPHP-based content management system (CMS) by the individual developer Taosir. An SQL injection vulnerability exists in wtcms, which stems from incorrect handling of the parameter ids in the file application/Comment/Controller/CommentadminController.class.php, which could lead to SQL...

CVSS 9.8 | AI score 7 | EPSS 0.00034
Exploits: 0 | References: 6

RedhatCVE
added 2025/11/21 12:18 a.m. | 7 views

CVE-2025-63888

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24 contains a remote code execution vulnerability...

CVSS 9.8 | AI score 8.1 | EPSS 0.0039
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/21 12:18 a.m. | 2 views

CVE-2025-63889

The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a template value...

CVSS 7.5 | AI score 6.8 | EPSS 0.00044
Exploits: 0 | References: 1

NVD
added 2025/11/20 6:15 p.m. | 2 views

CVE-2025-63889

The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a template value...

CVSS 7.5 | EPSS 0.00044
Exploits: 0 | References: 2

OSV
added 2025/11/20 6:15 p.m. | 1 view

CVE-2025-63889

The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a template value...

CVSS 7.5 | AI score 6.7
Exploits: 0 | References: 2

NVD
added 2025/11/20 6:15 p.m. | 2 views

CVE-2025-63888

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24 contains a remote code execution vulnerability...

CVSS 9.8 | EPSS 0.0039
Exploits: 0 | References: 2

OSV
added 2025/11/20 6:15 p.m. | 1 view

CVE-2025-63888

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24 contains a remote code execution vulnerability...

CVSS 9.8 | AI score 7.9
Exploits: 0 | References: 2

CNNVD
added 2025/11/20 12:0 a.m. | 2 views

ThinkPHP security vulnerability

ThinkPHP is a PHP-based, open-source, lightweight web application development framework from China Top Thinking Information Technology (ThinkPHP). A security vulnerability exists in ThinkPHP version 5.0.24, which originates from a remote code execution vulnerability in the read function in the file...

CVSS 9.8 | AI score 7.8 | EPSS 0.0039
Exploits: 0 | References: 3

Vulnrichment
added 2025/11/20 12:0 a.m. | 1 view

CVE-2025-63888

The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24 contains a remote code execution vulnerability...

AI score 7.7 | EPSS 0.0039
Exploits: 0 | References: 2

CNNVD
added 2025/11/20 12:0 a.m. | 1 view

ThinkPHP security vulnerability

ThinkPHP is a PHP-based, open source, lightweight web application development framework from China Top Think Information Technology (ThinkPHP). A security vulnerability exists in ThinkPHP version 5.0.24, which stems from a fetch function in the file thinkphp\library\think\Template.php that allows an...

CVSS 7.5 | AI score 6.5 | EPSS 0.00044
Exploits: 0 | References: 3

CVE
added 2025/11/20 12:0 a.m. | 8 views

CVE-2025-63888

CVE-2025-63888 affects ThinkPHP 5.0.24 via a remote code execution vulnerability in the read function of thinkphp/library/think/template/driver/File.php. The connected documents confirm the affected component and root cause (insecure read function), but do not provide a concrete remediation vers...

CVSS 9.8 | AI score 7.7 | EPSS 0.0039
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/11/20 12:0 a.m. | 2 views

PT-2025-47611

Name of the Vulnerable Software and Affected Versions: ThinkPHP version 5.0.24. Description: The read function within the thinkphp\library\think\template\driver\File.php file in ThinkPHP 5.0.24 has a remote code execution issue. The function allows for the execution of arbitrary code. Recommendations: At...

CVSS 6.5 | AI score 7.8 | EPSS 0.0039
Exploits: 0 | References: 5