Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thinkcmf thinkcmf 5.0.190111 vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-7580
ThinkCMF 5.0.190111 allows remote malicious users to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.
Thinkcmf Thinkcmf 5.0.190111
1 Github repository
686
VMScore
CVE-2019-6713
app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote malicious users to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call.
Thinkcmf Thinkcmf 5.0.190111
59 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started