CNNVD-202511-2315 Information

CNNVD ID

CNNVD-202511-2315

Related CVE

CVE-2025-63888

• CNNVD Published: 2025-11-20

Description (Chinese)

ThinkPHP是中国顶想信息科技（ThinkPHP）公司的一套基于PHP的、开源的、轻量级Web应用程序开发框架。 ThinkPHP 5.0.24版本存在安全漏洞，该漏洞源于文件thinkphplibrary hink emplatedriverFile.php中的read函数存在远程代码执行漏洞。

Description (English)

ThinkPHP is a PHP-based, open-source, lightweight Web application development framework for the top Chinese information technology (ThinkPHP) company. ThinkPHP version 5.0.24 contains a security loophole, which stems from a remote code execution loophole in the read function in the documentthinkplibrary hink emplatedriverFile.php.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

顶想信息科技

Published

2025-11-20

Last Modified

2026-02-24

References

https://gist.github.com/Master-0-0/0bf54cbb335b586b42b0db0db804e7aa https://www.yuque.com/lcc316/df0kgm/mglhbxltgbmzfh2s https://access.redhat.com/security/cve/cve-2025-63888

Patch

https://www.thinkphp.cn/