Remote Code Execution Flaw in ThinkPHP 5.0.24 by ThinkPHP
CVE-2025-63888
9.8CRITICAL
What is CVE-2025-63888?
A vulnerability in the read function located in the File.php component of ThinkPHP 5.0.24 allows attackers to execute arbitrary code remotely. This flaw can be exploited by sending specifically crafted requests to the affected function, potentially compromising the integrity of applications that rely on this version of ThinkPHP.
