CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.
References
Link Resource
http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html Exploit Third Party Advisory VDB Entry
https://github.com/xiayulei/open_source_bms/issues/33 Exploit Issue Tracking Third Party Advisory
https://www.exploit-db.com/exploits/46488/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:thinkphp:thinkphp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:opensourcebms:open_source_background_management_system:1.1.1:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:zzzcms:zzzphp:1.6.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-02-24 18:29

Updated : 2024-02-28 16:48


NVD link : CVE-2019-9082

Mitre link : CVE-2019-9082

CVE.ORG link : CVE-2019-9082


JSON object : View

Products Affected

opensourcebms

  • open_source_background_management_system

zzzcms

  • zzzphp

thinkphp

  • thinkphp
CWE
CWE-306

Missing Authentication for Critical Function

CWE-94

Improper Control of Generation of Code ('Code Injection')