CVE-2021-29378

Name of the Vulnerable Software and Affected Versions pear-admin-think version 2.1.2

Description The issue allows attackers to execute arbitrary code and escalate privileges via a crafted GET request to "Crud.php". This enables attackers to potentially gain unauthorized access and control over the system.

Recommendations For pear-admin-think version 2.1.2, consider disabling access to the Crud.php file until a patch is available. Restrict access to the GET request endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.