File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ [basic ]
2+ description = ' ThinkPHP 5.0.x至5.1.x版本的框架对HTTP请求参数的过滤机制存在缺陷,攻击者可通过构造带有 `s=index/\think\Request/input&filter=phpinfo` 参数的恶意HTTP请求,将任意PHP函数注入执行,从而实现远程代码执行。该漏洞影响大量使用ThinkPHP框架的Web应用,攻击门槛低、危害范围广。CVSS评分9.8,危险等级严重。'
3+ published = " 2019-11-20"
4+ remediation = ' 升级ThinkPHP至5.1.8及以上版本,或直接迁移至ThinkPHP5.1.x/6.x版本以获取完整修复。该漏洞由`think\yaml`类在解析YAML输入时未做安全过滤导致反序列化RCE,官方已在5.0.24版本中移除该方法调用。'
5+ score = 9.8
6+ severity = " CRITICAL"
7+ sources = [" nuclei" ]
8+ title = " ThinkPHP ThinkPHP框架过滤参数反序列化远程代码执行漏洞"
9+ updated = " 2025-05-14"
10+
11+ [exploit ]
12+ exp_urls = []
13+ poc_urls = []
14+
15+ [id ]
16+ aliases = [" NUCLEI-HTTP-VULNERABILITIES-THINKPHP-THINKPHP-5023-RCE-YAML" ]
17+ ave_id = " AVE-2026-0053"
18+
19+ [meta ]
20+ collected_at = " 2026-07-15T00:00:00Z"
21+ status = " completed"
22+
23+ [references ]
24+ urls = [
25+ " https://github.com/nangge/noneCms/issues/21" ,
26+ " http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html" ,
27+ " https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20062" ,
28+ ]
You can’t perform that action at this time.
0 commit comments