shadowsock5/ThinkCMF-5.0.190111
GitHub
Releases0
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| — | 6.5 MEDIUM | ||
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection. | |||