CyberSec.Space Logo
Back to CVE Browser

CVE-2018-25270

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile27.53th
PublishedApr 22, 2026
Last ModifiedApr 27, 2026

Vulnerability Description

ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system commands with application privileges.

Affected Platforms (CPE)

πŸ“¦
Thinkphp

Thinkphp

>= 5.0.0 and < 5.0.23
πŸ“¦
Thinkphp

Thinkphp

= 5.1.31

References & Advisories

πŸ”— https://github.com/top-think/framework/
πŸ”— https://thinkphp.cn
πŸ”— https://www.exploit-db.com/exploits/45978
πŸ”— https://www.vulncheck.com/advisories/thinkphp-remote-code-execution-via-invokefunction

Related Vulnerabilities

CVE-2021-365649.8

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter...

CVE-2020-201209.8

ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" an...

CVE-2020-197059.8

thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home&c=message&a=add.

CVE-2021-365679.8

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Abstra...