PT-2018-14057 · Thinkphp · Thinkphp

Ghost · Published 2018-09-26 · Updated 2022-05-14 · CVE-2018-17566

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ThinkPHP version 5.1.24
Description: The issue allows SQL injection when the value of the WHERE condition used by the delete function can be controlled by a user's request. This can lead to unauthorized data access or modification.
Recommendations: For ThinkPHP version 5.1.24, validate and sanitize user input so that a request cannot manipulate the WHERE condition value passed to the delete function, until a patch is available. Restrict access to sensitive data and ensure proper input handling to minimize the risk of exploitation.
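The recommendation above is easier to act on with a concrete before-and-after. The following is an added, framework-agnostic illustration written for this page; it is not ThinkPHP's code and does not reproduce the framework's internals. It uses Python's sqlite3 on a constructed `posts` table (the table, the `delete_unsafe`/`delete_safe` helper names and the `ALLOWED_COLUMNS` allow-list are all assumptions made for the example). `delete_unsafe` shows the class of defect the advisory describes, a WHERE condition built from request-controlled input, and `delete_safe` shows the mitigation: allow-list the column name, cast the value to its expected type, and bind it as a query parameter so it can never change the SQL structure.

```python
import sqlite3


class BadCondition(ValueError):
    """Raised when a request-supplied WHERE condition fails validation."""


def make_db():
    # Constructed sample data for the demonstration; not real application data.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, owner TEXT, title TEXT)")
    conn.executemany(
        "INSERT INTO posts (id, owner, title) VALUES (?, ?, ?)",
        [(1, "alice", "hello"), (2, "bob", "draft"), (3, "alice", "notes")],
    )
    conn.commit()
    return conn


def delete_unsafe(conn, where_col, where_val):
    # Defective pattern: column and value taken from the request are spliced
    # straight into the WHERE clause, so the request controls the condition.
    sql = f"DELETE FROM posts WHERE {where_col} = {where_val}"
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount  # rows actually deleted


# Hypothetical allow-list: which columns a request may filter on, and the
# type each value must have once validated.
ALLOWED_COLUMNS = {"id": int, "owner": str}


def delete_safe(conn, where_col, where_val):
    # Mitigated pattern: the column name must come from the allow-list (never
    # from the request verbatim), the value is cast to its expected type, and
    # it is passed as a bound parameter rather than interpolated into SQL.
    if where_col not in ALLOWED_COLUMNS:
        raise BadCondition(f"column not allowed: {where_col!r}")
    try:
        typed_val = ALLOWED_COLUMNS[where_col](where_val)
    except (TypeError, ValueError):
        raise BadCondition(f"invalid value for {where_col}: {where_val!r}")
    cur = conn.execute(f"DELETE FROM posts WHERE {where_col} = ?", (typed_val,))
    conn.commit()
    return cur.rowcount


def remaining(conn):
    # Helper used to observe the effect of each delete.
    return conn.execute("SELECT COUNT(*) FROM posts").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    # A request value that is not a plain id widens the condition in the
    # unsafe version and removes every row.
    print("unsafe deleted:", delete_unsafe(db, "id", "1 OR 1=1"), "left:", remaining(db))
    db = make_db()
    print("safe deleted:", delete_safe(db, "id", "2"), "left:", remaining(db))
    try:
        delete_safe(db, "id", "1 OR 1=1")
    except BadCondition as exc:
        print("rejected:", exc)
```

The important design point is that `delete_safe` never lets request data choose the SQL text: the column is selected from a fixed set and the value travels through the driver's parameter binding. Detection-wise, a delete that affects far more rows than a single-record operation should (as in the unsafe run) is a useful signal to alert on in database audit logs.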

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2018-17566
GHSA-75FM-52MM-Q5RM

Affected Products

Thinkphp