CVE-2018-16385
CRITICALThinkPHP < 5.1.23 - SQL Injection via Query String
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2018-16385. PoCs published by buzhimingdeaikun.
AI-analyzed exploit summary The repository contains a README file describing a SQL injection and RCE vulnerability (CVE-2018-16385) in ThinkPHP 5.0.24, but no actual exploit code or technical details are provided. The content is limited to a high-level description of the vulnerability and its impact.
Description
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string.
Exploits (1)
The repository contains a README file describing a SQL injection and RCE vulnerability (CVE-2018-16385) in ThinkPHP 5.0.24, but no actual exploit code or technical details are provided. The content is limited to a high-level description of the vulnerability and its impact.
References (2)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H