Vulnerabilities > Thinkadmin > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-15 | CVE-2023-34833 | Unrestricted Upload of File with Dangerous Type vulnerability in Thinkadmin 6.0 An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file. | 6.1 |
| 2020-12-01 | CVE-2020-29315 | Cross-site Scripting vulnerability in Thinkadmin 1.0/6.0 ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML. | 5.4 |