High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-04	CVE-2024-10749	Deserialization of Untrusted Data vulnerability in Thinkadmin A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. network high complexity thinkadmin CWE-502	8.1
2023-12-04	CVE-2023-48965	Unrestricted Upload of File with Dangerous Type vulnerability in Thinkadmin 6.1.53 An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file. network low complexity thinkadmin CWE-434	8.8
2023-12-04	CVE-2023-48966	Unrestricted Upload of File with Dangerous Type vulnerability in Thinkadmin 6.1.53 An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file. network low complexity thinkadmin CWE-434	8.8
2021-03-03	CVE-2020-35296	Use of Hard-coded Credentials vulnerability in Thinkadmin 6.0 ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administratior dashboard access. network low complexity thinkadmin CWE-798	7.5
2020-09-14	CVE-2020-25540	Path Traversal vulnerability in Thinkadmin 6.0 ThinkAdmin v6 is affected by a directory traversal vulnerability. network low complexity thinkadmin CWE-22	7.5