Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thinkcmf thinkcmf 5.0.190111 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6713
app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote malicious users to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call.
Thinkcmf Thinkcmf 5.0.190111
59 Github repositories
8.8
CVSSv3
CVE-2019-7580
ThinkCMF 5.0.190111 allows remote malicious users to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.
Thinkcmf Thinkcmf 5.0.190111
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started