Thinkadmin Security Vulnerabilities and Issues — Thinkadmin CVE List

Lucene search

ThinkadminThinkadmin

3 matches found

CVE•added 2024/11/04 1:15 a.m.•63 views

CVE-2024-10749

A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Affected is the function script of the file /app/admin/controller/api/Plugs.php. The manipulation of the argument uptoken leads to deserialization. It is possible to launch the attack remotely. The complexity o...

8.1CVSS5.6AI score0.00142EPSS

CVE•added 2023/12/04 4:15 p.m.•27 views

CVE-2023-48966

An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file.

8.8CVSS8.8AI score0.00198EPSS

CVE•added 2023/12/04 4:15 p.m.•23 views

CVE-2023-48965

An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file.

8.8CVSS8.4AI score0.00239EPSS