CNNVD-202602-1098 Information

CNNVD ID

CNNVD-202602-1098

Related CVE

CVE-2026-2113

• CNNVD Published: 2026-02-07

Description (Chinese)

tpAdmin是Ethan个人开发者的一个基于ThinkPHP5的管理后台。 tpadmin 1.3.12及之前版本存在代码问题漏洞，该漏洞源于对组件WebUploader中库文件/public/static/admin/lib/webuploader/0.1.5/server/preview.php的错误操作，可能导致反序列化。

Description (English)

tpAdmin is a management backstage for Ethan’s personal developer based on ThinkPHP5. There is a code problem loophole in the tpadmin 1.3.12 and earlier versions, which stems from an error in the middle library file/public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUplader, which may lead to a back-serialization.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2026-02-07

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.344688 https://github.com/sTy1H/CVE-Report/blob/main/Remote%20Code%20Execution%20Vulnerability%20in%20Tpadmin%20System.md https://vuldb.com/?submit.746795 https://vuldb.com/?id.344688 https://access.redhat.com/security/cve/cve-2026-2113