Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opensourcebms Subscribe
Filtered by product Open Source Background Management System
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9082 3 Opensourcebms, Thinkphp, Zzzcms 3 Open Source Background Management System, Thinkphp, Zzzphp 2022-04-05 9.3 HIGH 8.8 HIGH
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.