CVE-2020-23653
packagist/zoujingli/thinkadmin
Deserialization of Untrusted Data
An insecure unserialize vulnerability was discovered in ThinkAdm in app/admin/controller/api/Update.php
and app/wechat/controller/api/Push.php
, which may lead to arbitrary remote code execution.
All versions starting from 4.0 up to 6.0
Unfortunately, there is no solution available yet.
2021-01-20
source |