ThinkPHP 5.0.x < 5.0.23 / 5.1.x < 5.1.31 Remote Code Execution

Critical Web Application Scanning Plugin ID 112564

Synopsis

Description

A remote code execution vulnerability exists within multiple subsystems of ThinkPHP 5.0.x and 5.1.x. This potentially
allows attackers to exploit multiple attack vectors on a ThinkPHP site, which could result in the site being
completely compromised.

Note: This has been detected using an active check and should be remediated immediately.

Solution

Upgrade to ThinkPHP version 5.0.23 / 5.1.31 or later.

ThinkPHP 5.0.x < 5.0.23 / 5.1.x < 5.1.31 Remote Code Execution

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerability Information

Reference Information