CVE-2019-9082

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.

Published: Feb 24, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-9082
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94
CWE-306

Affected Software
References

Software	From	Fixed in
thinkphp / thinkphp	-	3.2.4
opensourcebms / open_source_background_management_system	1.1.1	1.1.1.x
zzzcms / zzzphp	1.6.1	1.6.1.x

http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html
https://github.com/xiayulei/open_source_bms/issues/33
https://www.exploit-db.com/exploits/46488/

Vulnerability Database

CVE-2019-9082