ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/top-think/thinkphp/issues/553 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-28T22:05:09
Updated: 2024-08-04T14:15:28.871Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-20120
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-28T23:15:07.007
Modified: 2024-11-21T05:11:50.850
Link: CVE-2020-20120
Redhat
No data.