← Back to CVE List
CVE-2018-18546
Published:
2018-10-21T01:29Z
Last Modified:
2024-11-21T03:56Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt