821 matches found
PT-2018-3751
Name of the Vulnerable Software and Affected Versions: NoneCms version 1.3. Description: An issue in thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter. This is demonstrated by the query string...
DSShop open source single store mall system front-end command execution vulnerability
DSShop is a single-store mall system developed on the ThinkPHP5 framework, with full support for PC, WAP, microblogging and other terminal devices. It is designed as a solution that adapts to the entire business model of business users and can fully meet operational needs. DSShop open sour...
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution
Exploit Title: ThinkPHP 5.x v5.0.23,v5.1.31 Remote Code Execution; Date: 2018-12-11; Exploit Author: VulnSpy; Vendor Homepage: https://thinkphp.cn; Software Link: https://github.com/top-think/framework/; Version: v5.x below v5.0.23,v5.1.31; CVE: N/A; Exploit...
tp5cms Arbitrary File Upload Vulnerability
tp5cms is a content management system (CMS) framework written in PHP and based on technologies such as ThinkPHP, swiper and bootstrap. A security vulnerability exists in the admin.php/upload/picture.html page in tp5cms 2017-05-25 and earlier versions. A remote attacker can exploit the...
GreenCMS suffers from SQL injection vulnerability (CNVD-2018-25888)
GreenCMS is a ThinkPHP-based content management system. GreenCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information...
GreenCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00334)
GreenCMS is a content management system (CMS) based on ThinkPHP. A cross-site request forgery vulnerability exists in GreenCMS version 2.3.0603. A remote attacker can exploit this vulnerability to delete log files with the help of the index.php?m=admin&c=data&a=clear URI...
SQL Injection Vulnerability in LaySNS In***.php File
LaySNS Light Community is a comprehensive website system based on ThinkPHP5+LayUI that integrates content publishing and community exchange. A SQL injection vulnerability exists in the LaySNS In.php file. An attacker can exploit the vulnerability to obtain sensitive database information...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-21508)
ThinkPHP is an open source, lightweight PHP-based web application development framework. A SQL injection vulnerability exists in ThinkPHP version 5.1.25. A remote attacker can exploit the vulnerability to obtain data...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-21507)
ThinkPHP is an open source, lightweight PHP-based web application development framework. A SQL injection vulnerability exists in ThinkPHP version 3.2.4, which stems from the failure of the 'parseKey' function to properly handle the variable key. A remote attacker can exploit this vulnerability to...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-21504)
ThinkPHP is an open source, lightweight PHP-based web application development framework. A SQL injection vulnerability exists in the 'parseOrder' function of the Library/Think/Db/Driver.class.php file in ThinkPHP version 3.2.4; the vulnerability stems from the program incorrectly handling the variable key. remote...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
SQL injection
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18546
CVE-2018-18546 affects ThinkPHP 3.2.4. The vulnerability is an SQL Injection via the order parameter caused by mishandling of the key in Library/Think/Db/Driver.class.php parseOrder. Public CVSS details indicate high to critical impact (CVSS2 base 7.5; CVSS3 base 9.8). Exploitation details are no...
CVE-2018-18546
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable...
CVE-2018-18530
ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI...
CVE-2018-18529
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI...
SQL injection
ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI...
SQL injection
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI...
CVE-2018-18529
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI...