Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2023-34833
Disclosure Date: June 15, 2023 (last updated February 25, 2025)
An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file.
0
Attacker Value
Unknown
CVE-2020-35296
Disclosure Date: March 03, 2021 (last updated February 22, 2025)
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administratior dashboard access.
0
Attacker Value
Unknown
CVE-2020-29315
Disclosure Date: December 01, 2020 (last updated February 22, 2025)
ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.
0
Attacker Value
Unknown
CVE-2020-25540
Disclosure Date: September 14, 2020 (last updated February 22, 2025)
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter.
0
