CVEs (27)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Opensourcebms ThinkphpZzzcms3Open Source Background Management System ThinkphpZzzphpDec 9, 2025 Feb 24, 2019 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed...Show more |
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable. |
ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI. |
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI. |
In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request. |
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string. |
thinkphp 3.1.3 has SQL Injection via the index.php s parameter. |