CVE-2021-44350

CRITICAL9.8EPSS 1.0%

ThinkPHP5 SQL Injection vulnerability

Published: 12/17/2021Modified: 4/24/2024
Also known as:GHSA-q868-c4vw-qjx3

Description

SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php.

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1CRITICAL9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (3)