High severity8.8OSV Advisory· Published Feb 7, 2019· Updated Jun 17, 2026
CVE-2019-7580
CVE-2019-7580
Description
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 5.0.190111
Patches
Vulnerability mechanics
References
2- github.com/shadowsock5/ThinkCMF-5.0.190111/blob/master/README.mdnvdExploitThird Party Advisory
- xz.aliyun.com/t/3997nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.