By Ionut Arghire on January 18, 2019
There is widespread scanning for a recently disclosed remote code execution vulnerability in the ThinkPHP framework, Akamai reveals.
ThinkPHP, a web framework by TopThink, is a Chinese-made PHP framework used by a large number of web developers in the country. In early December 2018, the framework was revealed to be impacted by a remote code execution bug that could allow an attacker to take over a vulnerable server.
The issue was that user input was not properly sanitized, thus allowing an unauthenticated user to specify their own filter function to execute.
Full Article Here:
https://www.securityweek.com/hackers-actively-scanning-thinkphp-vulnerability-akamai-says
