Advisories for Composer/Zoujingli/Thinkadmin package

An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file.

An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file.

An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file.

An insecure unserialize vulnerability was discovered in ThinkAdmin versions 4.x through 6.x in app/admin/controller/api/Update.php and app/wechat/controller/api/Push.php, which may lead to arbitrary remote code execution.

ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter.

ThinkAdmin version v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.

ThinkAdmin has default administrator credentials, which allows attackers to gain unrestricted administratior dashboard access.

ThinkAdmin does not prevent continued use of an administrator's cookie-based credentials after a password change.