topthink/framework Security Advisories for v5.1.17 (12)
-
[CRITICAL] ThinkPHP Path Traversal Vulnerability
PKSA-1h4d-g3yk-64z8 CVE-2025-50706 GHSA-mrwc-mvr8-9xq5
Affected version: <=5.1.41
Reported by:
GitHub -
[MEDIUM] ThinkPHP Cross-Site Scripting Vulnerability
PKSA-qzw1-yq5b-y8j5 CVE-2024-34467 GHSA-969f-v7jv-pgj3
Affected version: <6.0.17|>=6.1.0,<6.1.5|>=8.0.0,<8.0.4
Reported by:
GitHub -
[CRITICAL] ThinkPHP Framework vulnerable to remote code execution
PKSA-xv6g-qybq-hr8n CVE-2022-47945 GHSA-p4qr-vq2g-22wp
Affected version: <6.0.14
Reported by:
GitHub -
[HIGH] Thinkphp has a code logic error
PKSA-xkj5-9ynr-37y8 CVE-2022-44289 GHSA-59fh-rjq3-xq7j
Affected version: >=5.1,<=5.1.41|<=5.0.24
Reported by:
GitHub -
[CRITICAL] ThinkPHP deserialization vulnerability
PKSA-jgyf-23n6-ght5 CVE-2022-38352 GHSA-qjjj-7g7h-54v3
Affected version: <=6.0.13
Reported by:
GitHub -
[CRITICAL] Deserialization of Untrusted Data in topthink/framework
PKSA-vy17-3bc7-3v46 CVE-2022-33107 GHSA-g377-x8rg-c9mf
Affected version: <=6.0.12
Reported by:
GitHub -
[CRITICAL] ThinkPHP SQL Injection vulnerability
PKSA-2x1t-vd8w-6n55 CVE-2018-16385 GHSA-vcm7-88jx-3r39
Affected version: <5.1.23
Reported by:
GitHub -
[CRITICAL] ThinkPHP SQLi Vulnerability
PKSA-bqq2-g2f2-zn8p CVE-2018-18530 GHSA-7xfj-4jpg-58vf
Affected version: <=5.1.25
Reported by:
GitHub -
[CRITICAL] Deserialization of Untrusted Data in topthink/framework
PKSA-spt2-xb1y-b6nn CVE-2021-23592 GHSA-3fpv-54ff-wqfj
Affected version: <6.0.12
Reported by:
GitHub -
[CRITICAL] ThinkPHP5 SQL Injection vulnerability
PKSA-kw5d-25d5-cxh2 CVE-2021-44350 GHSA-q868-c4vw-qjx3
Affected version: >=5.0,<=5.1.22
Reported by:
GitHub -
[CRITICAL] Deserialization of Untrusted Data in topthink/framework
PKSA-4nmg-mnm5-bhxt CVE-2021-36564 GHSA-33gc-6cw9-w3g4
Affected version: <6.0.9
Reported by:
GitHub -
[CRITICAL] Deserialization of Untrusted Data in topthink/framework
PKSA-hjvd-97t3-2cwk CVE-2021-36567 GHSA-qrvj-274h-hfcg
Affected version: <=6.0.8
Reported by:
GitHub