top-think/think

Releases81

Frequency1 month 1 week

Last Release 11 months ago

Stars7.89K

ThinkPHP Framework ——二十年匠心的高性能PHP框架

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-48112 ↗	Oct 30, 2024Wednesday, 30 October 2024, 21:15	9.8 CRITICAL	—
A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.
CVE-2018-17566 ↗	Sep 26, 2018Wednesday, 26 September 2018, 21:29	—	7.5 HIGH
In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request.