topthink/thinkphp is vulnerable to remote code execution. An attacker can obtain server control privileges by injecting a malicious code through the filename
function in class.php
.
CPE | Name | Operator | Version |
---|---|---|---|
topthink/thinkphp | le | v3.2.5 | |
topthink/thinkphp | le | v3.2.5 |