0.002 Low
EPSS
Percentile
57.6%
thinkjs is vulnerable to SQL injection. An attacker is able to inject and execute arbitrary SQL statements as demonstrated by a blind SQL injection using sleep().
sleep()
blog.jiguang.xyz/posts/thinkjs-sql-injection/
github.com/thinkjs/thinkjs