Thinkadmin
Monthly
A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.
An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ThinkAdmin v6 is affected by a directory traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.
An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ThinkAdmin v6 is affected by a directory traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.