Packagist (Composer) package
topthink/think
pkg:composer/topthink/think
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-45982 | — | <= 6.1.1 | — | Feb 8, 2023 | thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload. | ||
| CVE-2020-17952 | — | <= 6.0.9 | — | Jul 26, 2021 | A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code. |
- CVE-2022-45982Feb 8, 2023affected <= 6.1.1
thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
- CVE-2020-17952Jul 26, 2021affected <= 6.0.9
A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code.