{"id":"CVE-2019-7580","details":"ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the alias parameter of portal/admin_category/addpost.html, because a single quote character is mishandled, which allows injection into data/conf/route.php. This record's CVSS vector (PR:L) indicates that low privileges are required.","modified":"2026-04-10T04:20:39.021599Z","published":"2019-02-07T17:29:00.253Z","references":[{"type":"EVIDENCE","url":"https://github.com/shadowsock5/ThinkCMF-5.0.190111/blob/master/README.md"},{"type":"EVIDENCE","url":"https://xz.aliyun.com/t/3997"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/thinkcmf/thinkcmf","events":[{"introduced":"0"},{"last_affected":"c02d1e31b2c353de8fab8dc8fdb1d4fb2097ccd0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.0.190111"}]}}],"versions":["5.0-Beta","5.0-RC4","5.0.170607","5.0.180123","5.0.180501","5.0.180508","5.0.180525","5.0.180626","5.0.180901","5.0.181212","5.0.181231","5.0.181231-beta","5.0.190111","5.0RC1","5.0RC2","5.0RC3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-7580.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}