topthink/think is vulnerable to untrusted object deserialisation. The vulnerability exists in the AbstractCache
function in CacheStore.php
which allows an attacker to inject and execute arbitrary code via a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
topthink/think | le | v6.0.12 | |
topthink/think | le | v6.0.12 |