821 matches found
PT-2022-27168 · Thinkphp · Thinkphp
Name of the Vulnerable Software and Affected Versions: Thinkphp versions 5.0.24 through 5.1.41 Description: The issue is caused by a code logic error that leads to a file upload getting shell access. This allows an attacker to potentially execute arbitrary code on the server. Recommendations: For...
ThinkPHP Code Issue Vulnerability
Top Think Information Technology ThinkPHP is a PHP-based, open source, lightweight web application development framework from China's Top Think Information Technology Company. A code issue vulnerability exists in ThinkPHP versions 5.1.41 and 5.0.24, which stems from the presence of a code logic...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
SIYUCMS Security Vulnerability
SIYUCMS is a content management system based on ThinkPHP+AdminLTE. SIYUCMS suffers from a remote code execution vulnerability that can be exploited by an attacker to gain server privileges...
EyouCms Cross-Site Request Forgery Vulnerability
EyouCms (Eyou CMS) is an open source content management system (CMS) based on ThinkPHP, from China's Zanzan Network Technology. A security vulnerability exists in EyouCms version V1.5.9-UTF8-SP1, which originates from the Top Up Balance component of its Edit Member module that...
ThinkPHP deserialization vulnerability
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload...
GHSA-QJJJ-7G7H-54V3 ThinkPHP deserialization vulnerability
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload...
CVE-2022-38352
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload...
Deserialization of untrusted data
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload...
CVE-2022-38352
ThinkPHP v6.0.13 contains a deserialization vulnerability in the League\Flysystem\Cached\Storage\Psr6Cache component that can allow arbitrary code execution via a crafted payload. The issue affects ThinkPHP 6.0.13; affected component is League\Flysystem\Cached\Storage\Psr6Cache. Remediation cues ...
PT-2022-24383 · Unknown +1 · Leagueflysystemcachedstoragepsr6Cache +1
Name of the Vulnerable Software and Affected Versions: ThinkPHP version 6.0.13 Description: The issue is related to a deserialization vulnerability via the League\Flysystem\Cached\Storage\Psr6Cache component. This allows attackers to execute arbitrary code by using a crafted payload. Recommendations:...
ThinkPHP Code Issue Vulnerability
TopThinkInfoTech ThinkPHP is a PHP-based, open source, lightweight web application development framework from China's TopThinkInfoTech. A security vulnerability exists in ThinkPHP version v6.0.13, which originates from a deserialization vulnerability contained in the component...
72crm Code Issue Vulnerability
72crm is China's 72crm open source based on TP5.0 + ElementUI of the former CRMvueCRM system. 72crm version 9.0 has a security vulnerability that stems from the existence of an arbitrary file upload vulnerability...
EyouCms Cross-site Request Forgery Vulnerability (CNVD-2022-59207)
EyouCms (Eyou CMS) is a ThinkPHP-based open source content management system (CMS) from Zanzan Web Technology in China. Version V1.5.8 of EyouCMS has a security vulnerability that stems from the existence of cross-site request forgery (CSRF) vulnerabilities through the backend,...
EyouCms Cross-Site Request Forgery Vulnerability
EyouCms (Eyou CMS) is a ThinkPHP-based open source content management system (CMS) from Zanzan Web Technology in China. Version V1.5.8 of EyouCMS has a security vulnerability that stems from the existence of cross-site request forgery (CSRF) vulnerabilities through the backend,...
ThinkPHP Framework 5.1.x < 5.1.31 Arbitrary File Read
A vulnerability exists within ThinkPHP Framework 5.1.x to 5.1.31. If the site is configured in debug mode, this vulnerability allows an attacker to read arbitrary files on the system due to improper sanitization of user-supplied input. No source data...