CVE-2024-33444

Published April 29th, 2024

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component.

liu21st/onethink

a content manager framework base on thinkphp3.2

GitHub

378