VYPR
Critical severityNVD Advisory· Published Sep 28, 2021· Updated Aug 4, 2024

CVE-2020-20120

CVE-2020-20120

Description

ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
topthink/thinkphpPackagist
<= 3.2.3

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.