SQL Injection Vulnerability in ThinkPHP 3.2.4 by Think Technologies
CVE-2018-18546
9.8CRITICAL
What is CVE-2018-18546?
ThinkPHP version 3.2.4 is affected by an SQL injection vulnerability that arises from improper handling of the 'order' parameter in the Library/Think/Db/Driver.class.php file. This issue allows attackers to manipulate SQL queries through the key variable, potentially leading to unauthorized data access and manipulation.
