Vulnerability feed

Vulnerability

CVE-2018-20062

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2018-20062
Description:: An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.
Last updated date:: 07/25/2024

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 07/23/2021
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/17/2019
Reference url to background: https://github.com/NS-Sp4ce/thinkphp5.XRce

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/14/2020
Reference url to background: https://github.com/nangge/noneCms/issues/21

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/21/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/thinkphp_rce.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/25/2024
Reference url to background: http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |