Vulnerability Details CVE-2024-48112
A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.4%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-48112
-
cpe:2.3:a:thinkphp:thinkphp:6.1.3
-
cpe:2.3:a:thinkphp:thinkphp:6.1.4
-
cpe:2.3:a:thinkphp:thinkphp:6.1.5
-
cpe:2.3:a:thinkphp:thinkphp:8.0.0
-
cpe:2.3:a:thinkphp:thinkphp:8.0.1
-
cpe:2.3:a:thinkphp:thinkphp:8.0.2
-
cpe:2.3:a:thinkphp:thinkphp:8.0.3
-
cpe:2.3:a:thinkphp:thinkphp:8.0.4