Vulnerability
ThinkPHP is a popular Chinese PHP development framework that is an open-source and object-oriented PHP development framework. ThinkPHP 5.0.9 Information Disclosure is a vulnerability that occurs when the framework does not filter the controller name efficiently. This helps the attacker to use the sensitive functions of the ThinkPHP framework using the URL and initiate Remote Code Execution.
Mitigation / Precaution
- If you are using ThinkPHP 5.0.9, upgrade to the latest version of ThinkPHP framework.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
