Tencent cloud report website has ThinkPHP 5.0.22 remote code execution high-risk vulnerability fixes

28611

A few days ago, the server has been running bandwidth running full, thought it was a large flow did not pay attention to, and later found that it seems to be invasion control to different servers to send packets, only to know that there is a loophole, and later found One Soft Blind Box V2 version of the exhaust, is the use of the old framework version, the following to do an emergency repair tutorial!

Image [1]|Tencent Cloud reports website has ThinkPHP 5.0.22 remote code execution high-risk vulnerability fixes

Just solved a ThinkPHP <5.0.24 Request.php remote code execution vulnerability, One Soft Blind Box V2 there is a remote vulnerability problem!

ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31 & & 5.2.* Full Version Remote Code Execution Vulnerability Handbook

http://blog.nsfocus.net/thinkphp-5-0-5-0-23-rce/

Another ThinkPHP 5 <=5.0.22 Remote Code Execution High Risk Vulnerability What to do? See below for the solution!

  1. Open your website and go to the root directory. Follow this path to the thinkphp\library\think\App.php file.
  2. Mine is on line 553 everyone may be different, you can search for it exactly
$controller = strip_tags($result[1] ? : $config['default_controller']);

3. Then insert after this line:

if (!preg_match('/^[A-Za-z](\w|\.) *$/', $controller)){
         throw new HttpException(404, 'controller not exists:' . $controller);
   }
Image [2]|Tencent Cloud reports website has ThinkPHP 5.0.22 remote code execution high-risk vulnerability fixes
Image [3]|Tencent Cloud reports website has ThinkPHP 5.0.22 remote code execution high-risk vulnerability fixes
------ This page is closed, please share if you like ------

Thanks for visiting, get more great articles please bookmark this site.

© copyright statement
copyright statement 1 The name of this website:OneSoftNet - Popular Resources Source Code Trading
2 This site's permanent URL:www.99blog.cn and 99blog.co.uk
3 Hereby declare: this site sells the source code, please do not use for illegal purposes. Produce legal disputes and criminal cases, this site is not responsible for any legal and joint liability! Otherwise, please bear the consequences of the user.
4 This site resources are mostly developed for Jinan OneSoft, such as copyright issues involved, please contact the webmaster in a timely manner e-mail: 2106868181@qq.com, we will remove the resources in the first time.
THE END
PHP TutorialTechnical TutorialsMiscellaneous Tutorials
If you like it, support it.
kudos11 share (joys, benefits, privileges etc) with others
OneSoft official avatar|Jinan OneSoft Network TechnologyDiamond Member
This site declares: a soft technology products, formal legal source code, more than soft copyright, a small number of agents source code, please do not use other infringement complaints channel | Jinan One Soft Network Technology
This site declares: One soft technology products, formal legal source code more than soft copyright, a small number of agents source code, please do not use other infringement complaints channel!
This site declares: One soft technology products show, formal legal source code more than soft copyright, a small number of agents source...
3 years ago 6.8W+
The first thing you need to know is that you can't afford to buy a new one, so you'll be able to buy a new one.
The official activities of OneSoft Blog Forum QQ notification group Jinan OneSoft network business opportunity sharing exchange group to make friends, talk about the market, win business opportunities.
The first thing you need to know is that you are not going to be able to get your hands on any of the products that are available on the market.
1 year ago 4.4W+
One Soft AI Star] ChatGPT V7.0 full open source JAVA intelligent AI robot openai open source unencrypted genuine soft writings | Jinan One Soft Network Technology
One Soft AI Star] ChatGPT V7.0 full open source JAVA intelligent AI robot openai open source unencrypted genuine soft writings
[One Soft AI Star] ChatGPT V7.0 full open source JAVA intelligent AI robot openai open source does not add ...
1 year ago 3.7W+
2024 docking NetEase cloud letter / high concurrency / easy ten thousand concurrent / stable not lose messages / IM instant messaging chat software | Jinan OneSoft Network Technology
2024 docking netease cloud letter / high concurrency / easy ten thousand people concurrent / stable not to lose the message / IM instant messaging chat software
2024 docking NetEase cloud letter / high concurrency / easy ten thousand people concurrently / stable not to lose the message / IM instant messaging chat...
2 years ago 3.6W+
OneSoft V5.0 small program blind box 】 full open source blind box mall H5 + small program trading platform to support the customization of easy code to pay the genuine | Jinan OneSoft network technology
OneSoft V5.0 small program blind box 】 full open source blind box mall H5 + small program trading platform to support the customization of easy code payment genuine
OneSoft V5.0 applet blind box] full open source blind box mall H5 + applet trading platform to support customization e...
2 years ago 3.6W+
Blind box source code, OneSoft Blind Box V2 four-end APP, simulation box / guess the guest magic box / Dingdang magic box, cut-price blind box, free pumping box APP source code to build the two open | Jinan OneSoft Web Technology
Blind box source code, OneSoft Blind Box V2 four-end APP, simulation box / Guess the guest magic box / Dingdong magic box, cut-price blind box, free pumping box APP source code to build a two-opening
Blind Box source code, OneSoft Blind Box V2 four-end APP, simulation box/guessing guest magic box/tinkerbell magic box, cut-price blind box, ...
2 years ago 3.2W+
Recommended
Hot Genuine Short Drama Source Docking Support Record Number Support Shelf small program over the trial formal copyright interface + original film + horizontal cover + vertical + cover + record number + authorization letter | Jinan OneSoft Network Technology
Hot Genuine Short Drama Source Docking Support Filing Number Support Shelf Small Programs for Review Regular Copyright Interface + Original Film + Horizontal Cover + Vertical Cover + Cover + Filing Number + Authorization Letter
Hot Genuine Short Drama Source Docking Support Record Number Support Shelf Small Programs for Review Regular Copyright Interface + Original Film + Horizontal Cover + Vertical Cover + Cover + Record...
11 months ago 6050
Popular short drama genuine source short drama + short drama domestic overseas open source source docking authorization short drama manufacturers to support the open API interface a key to automatically update the tutorials | Jinan OneSoft Networks Inc.
Popular short drama genuine source short drama + short drama domestic overseas open source source docking license short drama manufacturer support open API interface one key automatic update tutorials
Popular short drama genuine source short drama + short drama domestic overseas open source source docking license short drama manufacturer support open API interface one key automatic update tutorials
1 year ago 3485
One key deployment tutorial] anonymous letter build / novice 1 minute on-line build anonymous letter / Pagoda one key rapid deployment / a letter source code rapid deployment | Jinan One Soft Network Technology
One-click deployment tutorial] anonymous letter building / novice 1-minute on-line build anonymous letter / Pagoda one-click rapid deployment / a letter to the source code rapid deployment
One-click deployment tutorial] anonymous letter building / novice 1-minute on-line build anonymous letter / Pagoda one-click rapid deployment / a letter to the source code rapid deployment
2 years ago 821
Red envelope cover wholesale agent to provide Taobao Pinduoduo store teaching to provide 91 card coupon source docking tool and docking goods on the shelves Taobao must open store Individual households can have a deposit can also be their own micro-store all-platform agent | Jinan OneSoft Network Technology
Red envelope cover wholesale agent to provide Taobao Pinduoduo store teaching to provide 91 card coupon source docking tool and docking goods on the shelves Taobao must open store Individual households can have a deposit can also be their own micro-store all-platform agent
Red Packet Cover Wholesale Agent Provide Taobao Pinduoduo open store teaching Provide 91 card coupon source docking tool and docking goods on the shelves Taobao must open store Individual ...
11 months ago 777
Default avatar
look for sth.
Open Wonderful Search
tag cloud
Accompanying SystemCertificatesIndustry NewsIndustryApple Certificateswebsite source codeBlind Box Source CodeOverseas Blind BoxMiscellaneous TutorialsThe source code of this site is testedServicesmoreunmanned systemTechnical Tutorialsblind box for romanceWeChat Source Codevideo systemSmall program source codeOneSoftHubInternational Version Source Code
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform
OneSoftNet - Domestic well-known source code trading platform