ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-28T22:05:09

Updated: 2024-08-04T14:15:28.871Z

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-20120

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-28T23:15:07.007

Modified: 2024-11-21T05:11:50.850

Link: CVE-2020-20120

cve-icon Redhat

No data.