edit-icon download-icon

[Vulnerability notice] Information leakage in the error page of ThinkPHP

Last Updated: Nov 23, 2017

Description

ThinkPHP is a fast, compatible and simple OOP MVC PHP framework that supports UTF-8 and multiple databases.

The ThinkPHP error page has a vulnerability, and may lead to leakage of sensitive website information.

Fix

Set APP_DEBUG to false in the ThinkPHP entry file.

Note: Make a backup before making any changes, or create a hard disk snapshot for ECS.

Thank you! We've received your feedback.