← Back

Pear Admin Think

pear_admin_think

Vendor: Pearadmin • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-29378
1Pearadmin
1Pear Admin Think
Jun 17, 2026
Aug 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php.
CVE-2022-23903
1Pearadmin
1Pear Admin Think
Jun 17, 2026
Mar 29, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Cross Site Scripting (XSS) vulnerability exists in pearadmin pear-admin-think <=5.0.6, which allows a login account to access arbitrary functions and cause stored XSS through a fake User-Agent.