id: CVE-2022-25481 info: name: ThinkPHP 5.0.24 - Information Disclosure author: caon severity: high description: | ThinkPHP 5.0.24 is susceptible to information disclosure. This version was configured without the PATHINFO parameter. This can allow an attacker to access all system environment parameters from index.php, thereby possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations. reference: - https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md - https://nvd.nist.gov/vuln/detail/CVE-2022-25481 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25481 cwe-id: CWE-668 metadata: shodan-query: title:"ThinkPHP" verified: "true" tags: cve,cve2022,thinkphp,exposure,oss http: - method: GET path: - '{{BaseURL}}/index.php?s=example' matchers-condition: and matchers: - type: word words: - "ThinkPHP" - type: word words: - "HttpException" - "TRACE" condition: or - type: status status: - 404 # Enhanced by md on 2023/02/03