Thinkphp · Thinkphp · CVE-2020-20120
Name of the Vulnerable Software and Affected Versions:
ThinkPHP versions 3.2.3 and below
Description:
The issue is a SQL injection vulnerability. It occurs when the `where` and `query` methods receive a raw SQL string instead of an array, so any untrusted input concatenated into that string becomes part of the query.
Recommendations:
For ThinkPHP versions 3.2.3 and below, update to a version above 3.2.3 to resolve the issue. As a temporary workaround, pass arrays rather than SQL strings to the `where` and `query` methods to prevent SQL injection. Restrict access to these methods to minimize the risk of exploitation.
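The workaround above, shown as an added example that is not code from this record or from the ThinkPHP project. It contrasts the string form of `where`/`query` with the array form in a ThinkPHP 3.2.x controller; the controller name `UserController`, the model `User`, the table `user` and the request parameters `id` and `name` are assumed for illustration.

```php
<?php
// Added example, not from the CVE record or the ThinkPHP project.
// Assumes a ThinkPHP 3.2.x app with a hypothetical "User" model backed by a
// table named "user", and hypothetical "id"/"name" request parameters.

class UserController extends Controller
{
    // Vulnerable pattern: request values are interpolated into a raw SQL
    // string handed to where()/query(). In 3.2.3 and below the string is
    // used as-is, so whatever the caller sent becomes part of the query.
    public function readUnsafe()
    {
        $id   = I('get.id');    // untrusted, returned as a string
        $name = I('get.name');  // untrusted
        $user = M('User')->where("id = {$id}")->find();
        $rows = M('User')->query("SELECT * FROM user WHERE name = '{$name}'");
        $this->ajaxReturn(array('user' => $user, 'rows' => $rows));
    }

    // Hardened pattern following the advisory's workaround: pass arrays.
    //  - where(): a column => value array is parsed by the DB driver, which
    //    quotes each value instead of splicing the raw string into the SQL.
    //  - query(): an array of parameters is escaped by the framework and
    //    substituted into the %s placeholders (vsprintf over escaped values).
    //    The framework escapes but does not add quotes, so string
    //    placeholders must be written as '%s' in the template.
    // Column names and the array structure are fixed by the application and
    // never taken from the request; values are coerced to the expected type.
    public function readSafe()
    {
        $id   = I('get.id', 0, 'intval');  // coerce to int before use
        $name = I('get.name', '');         // string, escaped by query() below
        $user = M('User')->where(array('id' => $id))->find();
        $rows = M('User')->query(
            "SELECT * FROM user WHERE id = %s OR name = '%s'",
            array($id, $name)
        );
        $this->ajaxReturn(array('user' => $user, 'rows' => $rows));
    }
}
```

Two points a reviewer would check when applying the workaround: the `where` array form is only safe when the application, not the request, decides the keys and nesting (passing a whole request array such as `I('get.')` straight into `where()` lets the caller choose column names and operator shapes), and the parameter array for `query` escapes values without quoting them, so the SQL template must carry the quotes around string placeholders.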