Intrusion Prevention



This indicates an attack attempt to exploit a Remote Code Injection Vulnerability in ThinkPHP.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted HTTP request. A remote attacker can exploit this vulnerability by sending a crafted HTTP. Successful exploitation could result in arbitrary code execution in the context of the server application.

Affected Products

ThinkPHP between version 5.0.0 and version 5.0.23


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor: